Re: Fastcgi or apache-mpm-itk?

[kchr-list-debian@rac.nu]

Norbert Schuetz wrote:

> Hi folks.
> 
> Is there, in addition to itk, any solution for chrooting webspace
> environments to make sure any (php) user would not have access
> outside her htdocs directory?
> An additonal plus woul be that you could shift around webspace
> directories (read: failover ;-) without running into trouble because
> stupid PHP scripts use hard-coded paths like say
> /var/www/customerid/mydomain/htdocs/ somewhere?

You could always use open_basedir() to restrict file system operations.

http://www.php.net/features.safe-mode

That way you can make sure that your users won't be able to access files
outside of their home directory, but not forcing them to rewrite their
scripts because of a chroot().

However, this has been removed in PHP 6...

Best regards,
Kim
-- 
|_|O|_|  Kim Christensen
|_|_|O|  Public key: http://rac.nu/kchr.asc
|O|O|O|  Web home:   http://blog.technopragmatics.org
--------------------------------------------------------
() ascii ribbon campain - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments