Restrict PHP scripts from accessing higher directories
Posted: Fri Jul 23, 2010 9:34 am
I have a folder, lets call it /www/
Within that folder I have a bunch of sub directories
/www/user1/
/www/user2/
/www/user3/
ect..
Users can upload php files to their directory if they want, but there is nothing to stop a script in /www/user1/ from accessing files in /www/user2/
Theoretically, users could modify or delete another users files. I could disable the modify/delete functions, but it not a very good solution. Is there a way to restrict a php script to only accessing files within its own directory or subdirectories?
Within that folder I have a bunch of sub directories
/www/user1/
/www/user2/
/www/user3/
ect..
Users can upload php files to their directory if they want, but there is nothing to stop a script in /www/user1/ from accessing files in /www/user2/
Theoretically, users could modify or delete another users files. I could disable the modify/delete functions, but it not a very good solution. Is there a way to restrict a php script to only accessing files within its own directory or subdirectories?