From owner-freebsd-isp@FreeBSD.ORG Mon Feb 16 14:00:05 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFEFE16A4CE for ; Mon, 16 Feb 2004 14:00:05 -0800 (PST) Received: from mx2.dobleJ.net (243.Red-213-97-10.pooles.rima-tde.net [213.97.10.243]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA64D43D1F for ; Mon, 16 Feb 2004 14:00:04 -0800 (PST) (envelope-from juanjo.listas@dobleJ.net) X-Server: Reenviado vía mx2.dobleJ.net From: Juan Jose Sanchez Mesa To: X-Mailer: PocoMail 3.03 (1740) - Licensed Version Date: Mon, 16 Feb 2004 22:55:57 +0100 Message-ID: <2004216225557.966318@juanjo> In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable cc: isp@freebsd.org Subject: RE: Apache and home directories (file browser). X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2004 22:00:06 -0000 > > What happens when someone else loads up the same type of package. They= can > then go scrolling through everyone else's directories. > In PHP, use safe_mode to avoid this. > > /home/joe/access_list <--- Access list for Joe's .htaccess files > /home/tim/public_html/file_add.php <-- Some script Tim has in his > directory > If you set open_base_dir value to '/home/tim/public_html/', the PHP executed= in this vhost, can't access any directory/file below it.