Curt Zirzow wrote: >> This way, it seems to me like security hole, because I have to >> use 0777 while creating, then everybody could do everything with >> the files. Well, there is the open_basedir setting, put then, >> what's about other user doing other things (not PHP)? >> > > Yes that is a big security hole. There are some hosting solutions, > I cant really help you there, but this concept I think should work > would be: > [...] > user/group: $virtualuser/apache
Hmm, well. It may be "more" secure, but there is still the problem, that every $virtualuser can access the files. You still have to hope that there is now "bad" $virtualuser. Anyway, thanks :-)! Joachim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
