[EMAIL PROTECTED] wrote:
Idea: On handling a file, setuid() to owner of file. On closing
connection,
re-engage original uid (nobody, apache, www-data, whatever it is). PHP
will
run under user's UID, other users are save.
The 'solution' is the perchild MPM ;)
Or a dirty hack; run apache as
The 'solution' is the perchild MPM ;)
Or a dirty hack; run apache as root and let it change uid based on the
url's owner or something like:
Directory /www/www.example.org/user/test/
User test
Group users
/Directory
Something like that would be quite nice too, perhost MPM only
[EMAIL PROTECTED] wrote:
Idea: On handling a file, setuid() to owner of file. On closing connection,
re-engage original uid (nobody, apache, www-data, whatever it is). PHP will
run under user's UID, other users are save.
This would be maybe 10 lines of code. It can't be that easy, can it?
