On Mar 3, 2005, at 6:59 AM, Emmanuel Lacour wrote:
> On Wed, Mar 02, 2005 at 10:42:37PM -0800, [EMAIL PROTECTED] wrote:
> > One practical application of suPHP is to let each user run PHPs in
> > their UserDirs - with their permissions -
> >
> > Unfortunately, the current configuration prevents this because
> > "~/public_html/" is probably not in DocumentRoot - leading to -
> >
> > [...] [Wed Mar 02 19:55:42 2005] [error] Script /home/me/public_html/foo.php is not in the DOCUMENT_ROOT (/var/www) [...]
> >
> > Could we configure suPHP with "--disable-checkpath"?
>
> I don't think it's the best choice. Disabling this is not a good idea for
> security reasons. Maybe you could simply create a vhost like
> "people.yourdomain.tld" with /home as DocumentRoot and maybe some Apache
> rules to block users browsing /home (except /home/*/public_html).

Hello!

I hear you - disabling security measures is no solution -

- but in this case, I fail to see the security provided by checkpath.

1) Setting DocumentRoot to /home/ is certainly no more secure than disabling checkpath,

2) suPHP requires runtime configuration before it will operate on PHPs in particular Directory / Locations - in or out of DocumentRoot (it can easily be configured at runtime not to operate on PHPs outside DocumentRoot)

3) Running scripts with suPHP - in or out of DocumentRoot - is _more_ secure than the current default - where any user can run PHPs as www-data.

Thanks for maintaining suPHP!

Jack
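
For reference, a sketch of the vhost layout proposed in the quoted reply, with suPHP enabled per directory as point 2 describes. This is an added example, not configuration posted by either participant or shipped by the package; it assumes Apache 2.4 access-control syntax, and the handler name is an assumption that must match the local suPHP setup.

```apache
# Added illustration; not from the thread. Apache 2.4 access-control syntax.
<VirtualHost *:80>
    # Host name as suggested in the thread.
    ServerName people.yourdomain.tld
    # With /home as DocumentRoot, /home/me/public_html/foo.php falls inside
    # the DOCUMENT_ROOT that the suPHP path check compares against.
    DocumentRoot /home

    # Handler name is an assumption (Debian-style packaging); match it to
    # the handler configured for suPHP on your system.
    suPHP_AddHandler application/x-httpd-suphp

    # Default for everything under /home: no access, no symlink following,
    # no .htaccess overrides, and suPHP switched off.
    <Directory "/home">
        Require all denied
        Options None
        AllowOverride None
        suPHP_Engine off
    </Directory>

    # Open only each user's public_html. "*" matches a single path
    # component, so this applies to /home/<user>/public_html and below.
    <Directory "/home/*/public_html">
        Require all granted
        suPHP_Engine on
        <FilesMatch "\.php$">
            SetHandler application/x-httpd-suphp
        </FilesMatch>
    </Directory>
</VirtualHost>
```

With this layout the script from the log line would be requested as /me/public_html/foo.php on the people vhost, and any other path under /home is refused before a handler is chosen.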


