I have a machine with many virtual hosts. Some of the virtual hosts are maintained by clients (we serve as web hosting company) and some are internal. The external accounts are loked out of the main fylesystem using proftpd chroot feature and by having /dev/null as the shell. My problem is that even that way users of the external group can use php's fopen() to open other files. And in a php/mysql enviroment is not hard to find files with database login/password. If i had lots of IP's i could run several copies of apache each one on it's ip and one for each external client, i would run it with the clients group and that way i could lock each one out of the others account. The problem is that i dont have lots of ip's, any ideas on how to solve this?
Gustavo Felisberto -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
