Marek,

but the program was executed using a system call from a php script.

- rt

On Wed, 30 Jun 2004 23:50:02 +0200, Marek Kilimajer <[EMAIL PROTECTED]> wrote:
> 
> robert mena wrote --- napísal::
> 
> > Hi,
> >
> > I host a few virtual domains in apache 2 and use php.
> >
> > The virtual domain is something like
> >
> > <VirtualHost a.b.c.d:80>
> >         ServerAdmin [EMAIL PROTECTED]
> >         DocumentRoot /home/httpd/html/domain.com
> >         ServerName www.domain.com
> >         ErrorLog   logs/domain.com-error_log
> >         CustomLog  logs/domain.com-access_log combined
> >         ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
> >         <Directory /home/httpd/html/domain.com/>
> >                 AllowOverride AuthConfig Limit
> >                 php_admin_value doc_root "/home/httpd/html/domain.com/"
> >                 php_admin_flag safe_mode on
> >                 php_admin_value open_basedir "/home/httpd/html/domain.com:/tmp/"
> >         </Directory>
> > </VirtualHost>
> >
> > Recently I had a minor problem with a user that uploaded via ftp a php
> > script in his domain and this domain used exec/system etc to call
> > perl, read files.
> >
> > Shouldn't the settings above retrict such thing ?
> >
> 
> no, this setting affects only php, not programs executed from php
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to