Gary Mort wrote:
But because of that, and my rusty LAMP server skills, I'm a little
behind on "ideals".
So...presuming you get to control the server environment, and we're
using Linux. What is the ideal way to configure your server so that:
The web server can read/write/edit files for the virtual host joomla
is being installed on
Multiple users can ssh/ftp to the server and read/write/edit
files[including ones created by each other and the webserver] for that
virtual host[and can edit any files the web server created]
AND
you can have a second virtual host that the web server can
read/write/edit files in and other users can as well but programs in
the first virtual host can't be run by the server and edit files in
the second one.
I'm not quite sure what you mean by the second virtual host not having
access to run programs on the first virtual host. Do you mean that the
second virtual host's web server running joomla should not have access
to the files in the first, but the first should have access to the
second? If so, then you might be able to get away with creating a
symlink to the second virtual host's joomla content directory. Place
that symlink under the first virtual host's <joomladir>/images/stories
directory. What you would end up with is the second virtual host's
content accessible as a subdirectory under the first, but not the other
way around.
This is only secure for users on the "front" web facing content
management end. For users who have access to upload scripts executable,
it's a security "game over". They have access to everything the web
server does for for all directories and virtual hosts managed by that
web server (eg. upload a "php shell" script).
~Rolan
_______________________________________________
New York PHP SIG: Joomla! Mailing List
http://lists.nyphp.org/mailman/listinfo/joomla
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
