Hi, StarK wrote: > > What kind of security can I use to avoid this ? Can we chroot the PHP > (Yes I know it's a strange sentence :) ?
i know two useable solutions: 1. care about every service: use SuEXEC for CGIs, Safe Mode for PHP, a good directory and right structure. 2. chroot everything just chroot the users at the login after ssh (if you want to allow ssh), chroot apache (that means every user must have one apache-process), chroot ftp (what you have already done). bye Ralf -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
