httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matus UHLAR - fantomas <uh...@fantomas.sk>
Subject Re: [users@httpd] Chroot a virtual host
Date Mon, 09 May 2011 13:18:20 GMT
Hello,

On 20.04.11 00:47, --[ UxBoD ]-- wrote:
> I have noticed that when running Joomla, or in-fact any browsing capable
> PHP code, I am able to navigate above my virtual host document root and
> look at other virtual host files.
> 
> How would one stop this ? I have taken a look at mod_chroot but that does
> not seem to work as ChrootDir can only be used in the main configuration
> and not in the VirtualHost directive.

just a 1.5 months ago this question was asked and (imho) answered.
Usually the PHP scripts are run under the same user apache runs as, so they
have the same permissions. 

You can limit files which can a PHP script access by using PHP directives
open_basedir and doc_root.

You can run peruses MPM wich apathe 2.2.

You can also run PHP as CGI using suexec, but that's a bit ineffective.
I don't know how does FastCGI work.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message