On Tue, Feb 10, 2004 at 04:06:37PM +0000, Lewis Thompson wrote: > On Tue, Feb 10, 2004 at 03:56:08PM +0000, Peter Risdon wrote: <snip> > > Not that I know of, but have you considered compiling apache with > > suexec? Assuming your other users have seperate logins, this might work. > > You can have apache execute scripts as the appropriate user, not www. > > That way, a 700 permission should prevent other users from reading your > > scripts. > > I read some stuff about this. I got the impression it required using > PHP as a CGI, instead of mod_php. Am I wrong in thinking this? The > overhead of using PHP as CGI is a little too high because the server is > already pretty stretched...
Have a look at /usr/ports/www/suphp - be warned though, last time I looked at it the checks it uses to ensure UID 0 scripts aren't executed did not work correctly on FreeBSD. One slightly more complicated option is to rearrange your user/group permissions on a server-wide basis - there's a detailed description in this post: http://lists.freebsd.org/pipermail/freebsd-questions/2003-August/014731.html HTH -- Jez Hancock - System Administrator / PHP Developer http://munk.nu/ http://jez.hancock-family.com/ - Another FreeBSD Diary http://ipfwstats.sf.net/ - ipfw peruser traffic logging _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"