httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Lavitt <...@lavitt.net>
Subject [users@httpd] Apache 2.2 security concern
Date Sat, 12 May 2007 04:01:12 GMT
I am wondernig if apache 2.2 has a means to prevent a user with a site 
hosted on the server, from accessing another users files.  (e.g. I have 
/hosting/user1, and I don't want him to be able to run a script to open 
/hosting/user2/password-file)  I read someplace that there was a mpm for 
apache 1.3 that would restrict the child threads spawned for each 
request to files that could be accessed by a specific user account, but 
I can find no such mpm for apache 2.2.

Thanks in advance for the info!

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message