A better option would be to find a host that jails it's users into a confined space. If no one knows where directories and files exist then there's no way for them to know how to get at your files to write to them. This is why I pay $150/month for a private server.
James On Sep 18, 2008, at 11:11 AM, Tom Boutell wrote: > > Since I mentioned pair.com in my earlier email, I should mention that > I opened a ticket with pair.com and received a very prompt response > recommending their php-as-CGI-as-you solution: > > http://www.pair.com/support/knowledge_base/authoring_development/system_cgi_php-cgiwrap.html > > This does appear to be the right answer - PHP scripts, including > Symfony, will run "as you" and this means you can remove the > "world-readable" and "world-writable" bits that are so dangerous on a > shared hosting server. > > Of course not every shared hosting company offers this option. > > You might ask why this option isn't the default. The reason seems to > be increased resources - every PHP script then requires a separate, > short-lived process (classic CGI). But if you're using shared hosting > for cost reasons, you should look for a host that offers something > like this and make darn sure you don't have world-readable and > world-writable files. > > Especially (but not exclusively) with Symfony due to its need to write > PHP scripts to a cache folder on the fly. > > -- > Tom Boutell > > www.punkave.com > www.boutell.com > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
