On Sat, Nov 24, 2001 at 06:44:02PM -0500, Kevin J. Menard, Jr. wrote: > > MpP> For simple masshosting I still suggest mod_vhost. > > Which brings me back to my original question. For simple masshosting, I > would agree. But what about a system where some vhosts have CGI or SSI > access for example, and some don't. Would the former setup be better, or > the latter?
This is my biggest problem and a significant security hole :/ I have a directory /www containing all the vhosting directories, named domain.com, etc. the entire directory tree is owned by a user called virtual, and everyone has CGI, PHP and SSI access. In this way it would be very easy for anyone to upload a 'file manager' CGI and be able to change the documents of any other Vhost user :( People have pointed me at sudo in the past but I don't want to start creating /etc/passwd users - that was the whole point of the virtual system - no real system users for www, ftp or mail! Any ideas, anyone? We haven't had any problems to date because none of our clients know anything / much about scripting... Cheers, gdh
