Date: Sat, 2 Oct 2004 14:53:27 -0700 (PDT) From: "Richard Lynch" <ceo@l-i-e.com> To: "John Oxley" <john.oxley@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Disk quotas Message-ID: <1221.66.243.145.38.1096754007.squirrel@www.l-i-e.com> In-Reply-To: <ba2001e5041002022945d07f7a@mail.gmail.com> References: <ba2001e5041002022945d07f7a@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
John Oxley wrote: > has gallery setup on his webpage and the albums directory is chmod > 707'd so that httpd can write to it. Does that user realize that everybody else on the server can use PHP to write web content to that directory?... Perhaps if a defacement example were demonstrated, he'd move those files out of his web directory, and add in some PHP scripts to read/write the image files with validation-checking, such as using http://php.net/getimagesize to make sure the image file *IS* an image file. > The problem is that httpd creates files as http:group and quota is not > picking up that he is using more disk space than we want him to. One possibility, if you are running Apache 2.0, is to set each PHP user on a directory by directory basis in httpd.conf Or so I've been told. Never done it yet. It cannot (readily) be done in Apache 1.x -- Like Music? http://l-i-e.com/artists.htm
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1221.66.243.145.38.1096754007.squirrel>