On Mon, March 31, 2008 3:21 am, Hamar Gábor wrote: > I am a new php user and I have a question, for which I couldn't find > any > answer. > > I'd like to restrict php code to access the filesystem. I'd like to > have > only one directory where the php code can write, create or read files, > and an other directory hierarchy where the php codes present. I need > this to avoid php code to rewrite other php code in case of bug and/or > an attack. > > I already tried the open_basedir directive, but it couldn't work > because > in this case the executed php have to be in the accessable directory > hierarchy.
PHP runs as the Apache user. chown/chmod the source files to not be writable by that user. Problem solved. No real PHP "trick" here. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
