Robert Vangel wrote:
Does anyone have any suggestions on how to get around the above problem?How do i allow users to create files (with PHP) with the user of www-data, but still restrict some other directorys from writing?Is this a bad thing in the first place?Have a look at libapache2-mod-suphp. This makes PHP run in a suid/sgid environment.You can't run PHP & suPHP at the same time however (but there isn't really isn't much reason to).
OK! You learn something everyday! Can someone answer a few questions RE suPHP? The docs are faily *lite*...
So i have some users, they have user ID's 1000,1001,1002 etc, they are all part of a group... say: www-clients or something. (or do i give them each their own group?)
Within each <VirtualHost> i would have something like this?: suPHP_Engine on suPHP_ConfigPath /etc/php4/cgi/suphp/ suPHP_UserGroup ??? What do i put here? AddHandler x-httpd-php .php .php3 .php4 .phtmlAlso the docs mention that you can forego using safe_mode with this? Is this safe from a virtual hosting point of view? If anyone is using this now, can they outline how they are using it and what the security implementations of it are?
Thanks Heaps Simon