-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 12 May 2007, Dragon wrote:
PHP provides for this directly.
There is a restrict_base_dir setting that can be applied to each virtual host
that prevents users from accessing anything outside of the specified
directory tree.
Correct, everybody should be using this in a shared hosting environment,
and also to tighten the reins furher should use disable_functions
The one I use and has given us no complaints except for some lame program
that wants to know the system uptime stats, which has nothing to do with
a user anyway, even if it only wants it for the load, again, nothing to do
with user, if the load gets high (above 5 on 15 min avge) we have alarms
to let us know.
disable_functions = exec, shell_exec, system, virtual, show_source,
readfile, passthru, escapeshellcmd, popen, pclose, phpinfo
- --
Cheers
Res
Vote for your favourite MTA at http://polls.ausics.net/v3.php
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGRj6fsWhAmSIQh7MRAumRAKCf4eW3oY4sGAfEP0xewn/fZgGR8ACfaJuC
KQyQOYmGKCWvUUNNKQ1Dk9w=
=0tLW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
