> I suggest if a file then put it outside Apache's document root or use an > environment variable.
I'm working in a VWS environment - whilst I am in contact with the system administrator, I don't have access to any config outside of my own account. > My older version of php is quite happy with 700 permissions, unless I've > got this wrong. The owner is the Apache user. Hrmm.. So if I got the ISP to chown the file me.webserver and then set chmod 640, making sure that every user's PHP settings meant they couldn't work with/read files outside their home directories, and all other scripting systems were equally configured, or set to run SUID user (Ie. Perl), this should render the file in question inaccessible to other users excl. the webserver group and root? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
