On Mon, 2005-01-10 at 15:21, Jason Morehouse wrote: > Jonel Rienton wrote: > > man chmod, i gather you're new to linux/*nix > > I don't need a lesson in file permissions, thanks. Apache runs as > nobody. The problem isn't trying to get apache to display test.php, > it's having it display the proper 403 error page, rather than a php > error when it doesn't have access to a page. > > Each page, test.html and test.php have the same permissions. The html > page gives the expected 403 error message when I try and access it > (thats what I want). The other, php script doesn't. This is a security > concern for me as it reveals paths on my system in the event a page has > the wrong permissions. Why does apache not server the 403 on the php > page? Maybe this is better off in the apache list.
Ahh. well I guess everyone got a refresher on *nix perms at least :) I see what you are concerned about but am wondering if relying on the underlying file system perms is a good thing to begin with. Still, I have no answer for your question. It is an interesting one and I hope you will enlighten us once you find the answer. FWIW it sounds to me to be a php issue. Apache sees the php extension and passes it off to php who then pukes on the perms. Bret -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
