httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dragon <>
Subject Re: [users@httpd] Apache 2.2 security concern
Date Sat, 12 May 2007 17:04:26 GMT
Jaqui Greenlees did speak thusly:

>Yes, as Nick mentioned, suexec and user/group
>permissions are the common method for securing the
>site(s) from this.
>another option, slightly more hardware intensive is
>the have each hosted site running as a separate
>instance of apache chrooted so they do not have any
>access to the rst of the servers file system.
---------------- End original message. ---------------------

That approach is absolutely unnecessary and overly complicated.

As I said in my previous reply to this thread, PHP provides such a 
mechanism that is very easy to use.


  Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message