On 01/07/2001 02:49, Jack wrote:
>hi everyone,
> Does anyone know the best way to secure php source code so it is not
>group/world readable?
>I can read other users' php source code by writing a simple php script.
>I do not prefer to run php as cgi because all user's php file need to
>add the header
>#/usr/bin/php again.
there are two patches that i know, one for suexec and one for cgiwrap,
that allows you to run php scripts as cgi without having to chmod 755
or add a shebang line. i have used them both (well, i wrote the first
one, but now i use the cgiwrap one) and it seems to be running okay.
no guarantees though.
for suexec:
http://groups.yahoo.com/group/diskusihosting/files/Steven/apache_1.3.19-phpcgi-noshebang-suexec_only.patch
for cgiwrap:
http://w3.man.torun.pl/~makler/patches/cgiwrap/
--
sh
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
