On 5/11/07, Sam Lavitt <[EMAIL PROTECTED]> wrote:
I am wondernig if apache 2.2 has a means to prevent a user with a site hosted on the server, from accessing another users files. (e.g. I have /hosting/user1, and I don't want him to be able to run a script to open /hosting/user2/password-file) I read someplace that there was a mpm for apache 1.3 that would restrict the child threads spawned for each request to files that could be accessed by a specific user account, but I can find no such mpm for apache 2.2. Thanks in advance for the info!
Looks like you need to help fix it: http://httpd.apache.org/docs/2.0/mod/perchild.html