Hiya All, I'm hoping someone can give me some pointers here. We've got running Win2000 with Apache 3.1.19 (mod_ssl) and PHP4 (& ChilliASP). And as such our system seems totally unprotected in the way that a user could run a php script and delete anything on the system that they fancied (on a test it was quite happy to delete text.txt from /winnt/). I can see it's slightly possible to restrict PHP usage on IIS to home directories, but we're totally stumped on how we can make our sort of installation more secure considering we don't have users in UserManager because Apahce / ftp-servrU don't work with that type of a system. Has anyone got any good ideas because this seems to be a very important issue, and we can't be the only people running win32 apache and php. All help gratefully appreciated, Steve -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
