Marek, but the program was executed using a system call from a php script.
- rt On Wed, 30 Jun 2004 23:50:02 +0200, Marek Kilimajer <[EMAIL PROTECTED]> wrote: > > robert mena wrote --- napísal:: > > > Hi, > > > > I host a few virtual domains in apache 2 and use php. > > > > The virtual domain is something like > > > > <VirtualHost a.b.c.d:80> > > ServerAdmin [EMAIL PROTECTED] > > DocumentRoot /home/httpd/html/domain.com > > ServerName www.domain.com > > ErrorLog logs/domain.com-error_log > > CustomLog logs/domain.com-access_log combined > > ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ > > <Directory /home/httpd/html/domain.com/> > > AllowOverride AuthConfig Limit > > php_admin_value doc_root "/home/httpd/html/domain.com/" > > php_admin_flag safe_mode on > > php_admin_value open_basedir "/home/httpd/html/domain.com:/tmp/" > > </Directory> > > </VirtualHost> > > > > Recently I had a minor problem with a user that uploaded via ftp a php > > script in his domain and this domain used exec/system etc to call > > perl, read files. > > > > Shouldn't the settings above retrict such thing ? > > > > no, this setting affects only php, not programs executed from php > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
