Possible solutions: 1. Do not allow user access to the project directory and create a separate directory where you (r)sync the most important directories. See config/rsync_exclude.txt on how to avoid certain directories to be sync-ed. Given that the users do not need RW access anyway this copy should be enough for them. You can run a sync process every minute to have this RO copy up to date to your users.
2. Use a FS with ACL set up, like: http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-acls.html gabriel -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
