Hi all,
Short question:
How can I set permissions to inhibit my hosting clients to get
access to others hosting clientes files?
Short question(Expanded)
I've got a php+mysql+apache+linux server running that provides
hosting. Everything works ok. The apache http server and mysql are
chrooted for security issues. The php files are stored in directories
as follows: /www/test0.com, /www/test1.com and so on). How can I avoid
a script stored in /www/test0.com/ to open a data file from
/www/test1.com? (e.g. fopen("../test1.com/index.html","w");
Ok, that would be easy to answer but the following limitations
changed it to a hard question to me.
-The owners of test0.com and test1.com are not users in my system.
So I can't use chown/chmod or setguid in apache, because every
directory is owned by an user called "nobody". So permissions wouldn't
work.
-open_basedir - this would be a great solution, I'd just need to
insert in every VirtualHost in http.conf open_basedir /www/test0.com,
/www/test1.com and so on. But I'm using mod_vdbh ("A Virtual Database
Hosting DSO module"), so my VirtualHosts are stored in a database. And
mod_vdbh doesn't have php_admin_value stored in database.
- php_admin_value in a .htaccess - it'd be a good solution, but
php manual says that it doesn't work.
Any bright solution?
Really sorry for this long post.
Thanks in advance.
Yusuke_and