Hi all, I host some virtual domains within my apache 1.3.x/php 4.3.x setup.
Those domains are mantained by the users via ftp and I was wondering if I could secure the configuration a little bit more. I know that are limitations but the requirements would be : a) the user should not be able to access files outside the DocumentRoot besides system libraries or temporary files b) I'd like to have a system wide repository where common libraries, classes should be accessed without having to copy and mantain individually c) Since the user has some php thet perform a file upload, those scripts must be able to move, rename, delete files located under the document root As a starting point the user has a ftp login and the document root is owned by the login.apache so the user and the apache can access and alter the contents. Best regards. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php