Check out suExec on the Apache website. Also, Apache 2 allows each virtual
host to run as a different user - this alleviates some security issues.

--zak

----- Original Message -----
From: "Terry Romine" <[EMAIL PROTECTED]>
To: "Jonathan Hilgeman" <[EMAIL PROTECTED]>
Cc: "'Simon R Jones'" <[EMAIL PROTECTED]>; "PHP-DB (E-mail)"
<[EMAIL PROTECTED]>
Sent: Wednesday, May 23, 2001 1:12 PM
Subject: Re: [PHP-DB] security in PHP under Apache


> But how do you set it so a webuser would run sudo? That sounds pretty
> dangerous, to me.
>
> I have a similar situation where I want PHP to create a subdirectory and
> set privileges to it based on the login user. I end up having to create
> the directory by hand via SSH and then run the php script.
>
> Terry
>
> On Wednesday, May 23, 2001, at 12:36 PM, Jonathan Hilgeman wrote:
>
> > PHP runs via Apache, so it adopts the user that Apache uses,
> > essentially.
> > You can use a program like sudo to allow them to run certain commands
> > on the
> > server.
> >
> > Jonathan
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to