I have constructed a control pannel for the local webhosting I will be selling soon but I have noticed a major bug. The script I'm using could easily be replicated by any of my clients meaning they have full access to my server....
I'm running apache and below is a setup of my dirrectories:
C:/AppServ/ Root AppServ Folder
/www/ Public section(changed in apache to be limitted access)
/hosting/ Main hosting section
/$client/ Clients root dirrectory
/www/ Clients public dirrectory
/private/ Clients private dirrectory
/folder/
/serverpro/ My Control Panels folder
I need to limit my clients access between folders. So one client can't edit anything below their $client folder
Limitting one folder/website from accessing another
Moderator: General Moderators
If you look at http://php.net/features.safe-mode and in particular the open_base directive then that should point the way. I've never needed/used safe mode myself so the implementation details are beyond me.
I would rather keep safe-mode off for my users if I could though. I believe in giving clients as much as I can for their dollar and from my own past experiences I have found safe-mode annoying.
Is there a specific apache mode that can be applied? each client does have their own virtual host section. Couldn't I change the allow/deny properties to restrict access to a "sub root" folder?
Is there a specific apache mode that can be applied? each client does have their own virtual host section. Couldn't I change the allow/deny properties to restrict access to a "sub root" folder?
iirc open_basedir is not just restricted to safe mode. So you can still use it to restrict clients to their own dir without having to use safe mode.
http://php.net/ini_set has more info
http://php.net/ini_set has more info
Okay thanks, I'll look into that.
Edit:
Just for anyone in the future who may need this information
open_basedir string
Limit the files that can be opened by PHP to the specified directory-tree, including the file itself. This directive is NOT affected by whether Safe Mode is turned On or Off.
When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink.
The special value . indicates that the working directory of the script will be used as the base-directory. This is, however, a little dangerous as the working directory of the script can easily be changed with chdir().
In httpd.conf, open_basedir can be turned off (e.g. for some virtual hosts) the same way as any other configuration directive with "php_admin_value open_basedir none".
Under Windows, separate the directories with a semicolon. On all other systems, separate the directories with a colon. As an Apache module, open_basedir paths from parent directories are now automatically inherited.
The restriction specified with open_basedir is actually a prefix, not a directory name. This means that "open_basedir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "open_basedir = /dir/incl/"
Note: Support for multiple directories was added in 3.0.7.
The default is to allow all files to be opened.
Edit:
Just for anyone in the future who may need this information
open_basedir string
Limit the files that can be opened by PHP to the specified directory-tree, including the file itself. This directive is NOT affected by whether Safe Mode is turned On or Off.
When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink.
The special value . indicates that the working directory of the script will be used as the base-directory. This is, however, a little dangerous as the working directory of the script can easily be changed with chdir().
In httpd.conf, open_basedir can be turned off (e.g. for some virtual hosts) the same way as any other configuration directive with "php_admin_value open_basedir none".
Under Windows, separate the directories with a semicolon. On all other systems, separate the directories with a colon. As an Apache module, open_basedir paths from parent directories are now automatically inherited.
The restriction specified with open_basedir is actually a prefix, not a directory name. This means that "open_basedir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "open_basedir = /dir/incl/"
Note: Support for multiple directories was added in 3.0.7.
The default is to allow all files to be opened.