httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "j k" <jonnyk...@gmail.com>
Subject Re: [users@httpd] Apache 2.2 security concern
Date Sat, 12 May 2007 05:42:35 GMT
On 5/11/07, Sam Lavitt <sam@lavitt.net> wrote:
>
> I am wondernig if apache 2.2 has a means to prevent a user with a site
> hosted on the server, from accessing another users files.  (e.g. I have
> /hosting/user1, and I don't want him to be able to run a script to open
> /hosting/user2/password-file)  I read someplace that there was a mpm for
> apache 1.3 that would restrict the child threads spawned for each
> request to files that could be accessed by a specific user account, but
> I can find no such mpm for apache 2.2.
>
> Thanks in advance for the info!



Looks like you need to help fix it:
http://httpd.apache.org/docs/2.0/mod/perchild.html

Mime
View raw message