Hello Haj,

vendredi 13 septembre 2002 � 14:47:35, you wrote :

H> Hello Charlie,

H> On Fri, 13 Sep 2002, you wrote :

CB>> On Fri, 13 Sep 2002, Haj wrote:

>>>   putted my php binary in  /home/e-smith/files/ibays/web/php-bin
>>>   and chmod 770
>>>   and chown www:www

CB>> Those are not secure permissions. You want to prevent web applications 
CB>> from being able to modify critical system binaries. Hence you should have 
CB>> permissions root.www 0750 or root.root 0775, depending on whether you 
CB>> think there is a problem with any non-www user being able to access php.

H> In fact I want to use e-smith for hosting.

H> I want each web site able to have is own php build. Here what I
H> have ( it works on a BSD sytem! )

H> <VirtualHost 0.0.0.0:80>
H>     ServerName mySite.com
H>     ServerAlias mySite.com

H>     User haj
H>     Group site1

H>     DocumentRoot         /home/e-smith/files/ibays/vhost1/html
H>     ScriptAlias /cgi-bin /home/e-smith/files/ibays/vhost1/cgi-bin
H>     Alias       /files   /home/e-smith/files/ibays/vhost1/files

H>     ScriptAlias /php-bin/ /etc/httpd/conf/vhosts/mySite.com/php-bin/
H>     Action php-script /php-bin/php
H>     AddHandler php-script .php .php3 .phtml

H> [...]


H> /etc/httpd/conf/vhosts/mySite.com/php-bin/php have haj.site1 0700


H> Should work Isn't it ??
H> Why do I get:
>>Forbidden
>>You don't have permission to access /php-bin/php/info.php on this server.
H> when [EMAIL PROTECTED] http://mysite.com/info.php ?


I want to log in ssh as haj to test if it can't execute a script
thought /etc/httpd/conf/vhosts/mySite.com/php-bin/php.

How can I enable ssh access to  a user other than root or admin ?


-- 
Regards,
Haj                            
[EMAIL PROTECTED]


--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Searchable archive at http://www.mail-archive.com/devinfo%40lists.e-smith.org

Reply via email to