On Thu, Jan 27, 2011 at 07:33:05PM -0500, Edward Z. Yang wrote: > That might have some unintended consequences, in particular, cache > files should not be shared between users because there's no integrity > checking and a user could "poison" someone elses configuration. Of > course, as it stands right now doesn't work either. Maybe a per > user cache?
one option would be to implement it like this: * /var/cache/php-htmlpurifier is a+rwx * /var/cache/php-htmlpurifier/$username is used for the cache files * This directory's ownership is checked before loading files (it must be owned by $username to ensure only he can alter files in it, return some error otherwise * /var/cache/php-htmlpurifier/$username is automatically created with 664 if it does not exist Locally I fixed it like this for now: lrwxrwxrwx 1 root root 27 Jan 27 22:38 /usr/share/php-htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer -> /var/cache/php-htmlpurifier drwxr-xr-x 4 www-data www-data 4.0K Jan 27 23:00 /var/cache/php-htmlpurifier Like this one can use it at least with www-data instead of root only. -- Sebastian
signature.asc
Description: Digital signature
