Page 2 of 2
Posted: Tue Mar 23, 2004 8:34 am
by malcolmboston
well mcgruff i never came into any problems

Posted: Tue Mar 23, 2004 9:38 am
by m3mn0n
magicrobotmonkey wrote:yea exactly - each user has their own folder and you restrict their access to that folder. Cept often there will be a separate cgi-bin folder where is the only place things can be run. you could either have one for each user or have a universal one, with permissions set file to file.
but this part of the discussion is more for some other type of forum.
Ask yourself a few questions here...
What is to stop someone from running a PHP Script that could read/export the entire server database? Or stop someone from clogging up your mail server with a spam bot? Or use a script to view other people's source code, and copy/delete files? Or what is to stop someone from using [php_man]ini_set[/php_man]() to change critical PHP settings? Or what is to stop someone from using [php_man]exec[/php_man]() and totally destroying the system?
Solve those and I think you could be okay with what Malcolm suggested.

Posted: Tue Mar 23, 2004 9:46 am
by magicrobotmonkey
yea thats what im talking about with all the permissions
Posted: Tue Mar 23, 2004 9:58 am
by m3mn0n
Google is your friend: [google]php safe mode tutorial multi user hosting configuration[/google]
(You might want to split that long search into seperate ones for more specific results.)
Posted: Tue Mar 23, 2004 12:01 pm
by benxuk
Sami wrote:
Ask yourself a few questions here...
bla bla bla
use a script to view other people's source code, and copy/delete files? Or what is to stop someone from using [php_man]ini_set[/php_man]() to change critical PHP settings? Or what is to stop someone from using [php_man]exec[/php_man]() and totally destroying the system?
Solve those and I think you could be okay with what Malcolm suggested.

Thats exactly why i asked! Thank you heh

i read this thread and thought "fek nobody understands me" but there we go

you can see, i'll be checking out that google stuff when time is on my side, electronics to mess up now thanks again,

Posted: Wed Mar 24, 2004 10:06 am
by benxuk
i still don't seem to be explaining myslef....
its like this 1 server, 1 instance of php, 20 domains, 20 user home paths
there is no way to stop these 20 user's accessing eachovers home path thru php code is there?
Posted: Wed Mar 24, 2004 10:10 am
by magicrobotmonkey
no its things you have to set on the server not with php
Posted: Wed Mar 24, 2004 10:55 am
by McGruff
Did you have a look at
User Mode Linux?
Posted: Wed Mar 24, 2004 5:01 pm
by benxuk

vitual machines would work yeah, but it and future servers will be windows 2003 and i don't know of a virtual machine that lets me run thousands of intances at a satisfactory level of performance, and it is php that i'm concerned about not windows users, i can set as many permissions as i want, a php script can and will have the power to control the filesystem, so i guess its looking more like the safe mode thing or maybe writing my own php style isapi filter....
hmmm
maybe this makes sense to you guru's or maybe still theres another way around this??

i am ver n00b...........