It sounds like you're on a UNIX-like system. Ever hear of user/group file 
permissions? Just set the proper permissions on your directories and files 
and you're fine. There are many ways to do this sort of thing, so I won't 
get into it, but it would be much easier to focus on permissions than 
hacking the PHP source code for something so simple.

Hint: A good place to start would be to look at the user that Apache runs 
as (or whatever web server you're using). 


Yves Reveillon wrote:

> Hello,
> this is my security problem with PHP
>  have a free web hosting server and i permit users to use PHP and some
> functions like fopen !
> The problem is that i would like to denied fopen to works with my own web
> file of my website
> users: /home/userxxxx/www/
> Me: /var/www/html/
> One solution consist to forbidden the user of fopen (i dont want this for
> their file ...)
> 2nd: all extension for my own php scripts are for exemple phx
> Can i accept the commande fopen with file php but forbid
> fopen("any_file.phx") ???
> 3: Or, can i accept some function ONLY if they are execute from my own
> subnet ?
> The final alternative will be to modify directly the code source of php
> and recompile but any help will be welcoming !
> Thanks !

PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to