Hi, normally it shouldn't matter if users are able to read /etc/passwd because the accounts should be secured by strong passwords. You know, security by obscurity and so ;-)
But if you REALLY need to keep your user's eyes away from these file, the easiest way is to put all users into a new group (let's call it 'webusers'), change the owner of /etc/passwd to this group and drop the read flag for it: $ chown root:webusers /etc/passwd $ chmod 604 /etc/passwd This will allow "root" ans "others" (e.g. all daemons) to read /etc/passwd but disallow it for users of the webusers group. Much easier than setting up a vhost environment for each user :-) Kiond regards, Roland Tapken -- Privacy is not a crime! _______________________________________________ suPHP mailing list [email protected] https://lists.marsching.com/mailman/listinfo/suphp
