View Single Post
  #22  
Old 21st June 2006, 20:53
elCorazon elCorazon is offline
Junior Member
 
Join Date: Jun 2006
Posts: 10
Thanks: 1
Thanked 0 Times in 0 Posts
Default ok for PHP, but what about the filesystem

Quote:
Originally Posted by falko
ISPConfig sets all directories underneath /var/www/webX/web to webX_admin:webX, with the directories having permissions of 755.

You can make all webs use PHP Safe Mode, so that no PHP scripts can break out of their web site, and/or you can use suPHP: http://www.howtoforge.com/apache2_suphp_php4_php5
OK, its true I don't have a problem when running php in safe mode with basedir restriction... But what about the users that do ssh? They can cd into every users directory and read every file??
There have to be DB-passwords somewhere...

I don't think that it is a good idea to give world read permission to any user directory by ISPconfig...
Just a thought... I can't see any good alternative to ISPconfig and I think I will be happy with it, but this one thing I don't like too much. Think I'm gonna remove it from the code on my own and maybe find another solution as posted above.

Anyway, thanks for the tool
Reply With Quote