Re: Apache/PHP/FTP and user rights
On Thu, 2002-08-01 at 18:38, Phillip Baker wrote:
> (oops, sent it directly to nicolas instead of the list - resent to the list
> for other people's benefit)
> I resigned myself to using cgi-php, mainly because I didn't want users
> scripts running as the webserver (somewhat of a security risk as then all
> files readable by the webserver become readable to users php scripts), but
> also to solve the problem of user's files not belonging to them.
> My install requires each user to have a copy of the interpreter in their own
> website's cgi-bin, under /www/<their-site-url/cgi-bin - It does mean 2.4mb
> or so used by each user, but I just credit them the extra quota, and really,
> 2.4mb isnt so much these days.
> To change the path you're allowed to use suexec on (because I don't believe
> you actually use /var/www - do you?) simply recompile it with the different
> path, and drop it into apache's lib directory. Don't forget to back up your
> new suexec when you upgrade apache, because apache will overwrite it again!
> If you need more detailed directives on recompiling suexec for an
> alternative path let me know and I'll dig the info out.
What is the performance hit for this (if any) ? and how much of a PITA
is it ? Also, do you have any links ? I've never used suexec, are there
any limits on the number of users or such ?
Thanks for your time