On April 19, 2011 19:47 , "--[ UxBoD ]--" <ux...@splatnix.net> wrote:
I have noticed that when running Joomla, or in-fact any browsing capable PHP
code, I am able to navigate above my virtual host document root and look at
other virtual host files.
How would one stop this ? I have taken a look at mod_chroot but that does not
seem to work as ChrootDir can only be used in the main configuration and not in
the VirtualHost directive.
As an alternative to chroot, you could use privilege separation to
achieve what you want, setting up each virtual host to execute PHP code
as a different user from all other virtual hosts' users.
There are many ways to implement privilege separation, see
http://wiki.apache.org/httpd/PrivilegeSeparation My favorite way is
to use FastCGI, although I personally use mod_proxy_fcgi for this rather
than mod_fcgid.
--
Mark Montague
m...@catseye.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
