Don't forget to setup php_admin_value open_basedir /some/path/for/your/usersThis is very important if all your users uses the same apache UID/GID. If you don't set that up, then a user will be able to write in another user's folder using a (very simple) php script.
Hagen Kuehnel wrote:
You can set the Envelope-From in the vHost-Directive with sendmail_path php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -fwww-data@example.com
Thanks a lot for that nice mail() tip. Do you think it's compatible with Postfix and/or Qmail? If yes, I'm going to do it asap in my control panel and push it to CVS. If not
Thomas -- http://www.gplhost.com GPLHost:>_ Open source hosting worldwide Webspaces featuring GPL control panel Maykel Moya wrote:
Following Frédéric's mail. What do you suggest for securing PHP sites. I'd been using 'safe_mode = On' and /tmp with noexec,nosuid but would like to hear another experiences. Regards, maykel