Hello Haj, vendredi 13 septembre 2002 � 14:47:35, you wrote :
H> Hello Charlie, H> On Fri, 13 Sep 2002, you wrote : CB>> On Fri, 13 Sep 2002, Haj wrote: >>> putted my php binary in /home/e-smith/files/ibays/web/php-bin >>> and chmod 770 >>> and chown www:www CB>> Those are not secure permissions. You want to prevent web applications CB>> from being able to modify critical system binaries. Hence you should have CB>> permissions root.www 0750 or root.root 0775, depending on whether you CB>> think there is a problem with any non-www user being able to access php. H> In fact I want to use e-smith for hosting. H> I want each web site able to have is own php build. Here what I H> have ( it works on a BSD sytem! ) H> <VirtualHost 0.0.0.0:80> H> ServerName mySite.com H> ServerAlias mySite.com H> User haj H> Group site1 H> DocumentRoot /home/e-smith/files/ibays/vhost1/html H> ScriptAlias /cgi-bin /home/e-smith/files/ibays/vhost1/cgi-bin H> Alias /files /home/e-smith/files/ibays/vhost1/files H> ScriptAlias /php-bin/ /etc/httpd/conf/vhosts/mySite.com/php-bin/ H> Action php-script /php-bin/php H> AddHandler php-script .php .php3 .phtml H> [...] H> /etc/httpd/conf/vhosts/mySite.com/php-bin/php have haj.site1 0700 H> Should work Isn't it ?? H> Why do I get: >>Forbidden >>You don't have permission to access /php-bin/php/info.php on this server. H> when [EMAIL PROTECTED] http://mysite.com/info.php ? I want to log in ssh as haj to test if it can't execute a script thought /etc/httpd/conf/vhosts/mySite.com/php-bin/php. How can I enable ssh access to a user other than root or admin ? -- Regards, Haj [EMAIL PROTECTED] -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Searchable archive at http://www.mail-archive.com/devinfo%40lists.e-smith.org
