From: "Sagi Bashari" <[EMAIL PROTECTED]>
> > > From: "mulix" <[EMAIL PROTECTED]>
> > > > > Well, Sagi proposed something that can be done with proftpd. Let's
> look
> > > > > into it first, and only then implement it as a CGI script. Are you
> OK
> > > with
> > > > > that?
> > > >
> > > > not entirely - i dont want a cgi script, and we already have an ftp
> > > > server installed - i dont want to maintain two of them. i'll look
into
> > > > running another copy of whatever we have running in a chroot'd
> > > > environment later tonight.
> > >
> > > Just remember that if you just setup chroot'd ftp account, the user
will
> > > still be able to run php/cgi scripts on the server unless you disable
it
> in
> > > apache.
> > >
> >
> > Can we disable changing the permissions of a file in proftpd?
>
> Probably, but that's not enough. PHP only needs to +r to execute.
>
> However, I'm pretty sure that you can block PHP/CGI access for specific
path
> in Apache, or just allow/disallow uploading of specific file types in
> ProFTPD.
>
For apache:
<Directory "/home/user/public_html">
<Files ~ "\.(cgi|pl|php|phtml)">
Order allow,deny
Deny from all
</Files>
</Directory>
There might be a better solution, but this should be enough for now.
Sagi
----------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED]
Archives available at http://www.mail-archive.com/[email protected]/
