Re: [PHP] restricting filesystem access
- From: ghamar@xxxxxxxxxxx (Hamar Gábor)
- Date: Mon, 31 Mar 2008 11:10:12 +0200
Hi,
Thank you for the answer.
I am running my site on a shared server, but I can overwrite the options
in the php.ini file. Unfortunately php runs as my user, so changing the
permissions to 644 doesn't work, php is still able to write anything.
Gabor
2008. 03. 31, hétfő keltezéssel 16.51-kor paragasu ezt írta:
I'd like to restrict php code to access the filesystem. I'd like to have
only one directory where the php code can write, create or read files,
and an other directory hierarchy where the php codes present. I need
this to avoid php code to rewrite other php code in case of bug and/or
an attack.
I already tried the open_basedir directive, but it couldn't work because
in this case the executed php have to be in the accessable directory
hierarchy.
Thanks,
Gabor
it depends, if you run your own server (you have root password). then you
can do something
about this. but if you run on shared server, i don't think you have a lot of
options.
if you afraid the php code to rewrite other code (rare case). just chmod all
the php files
to 644.
.
- Follow-Ups:
- Re: [PHP] restricting filesystem access
- From: paragasu
- Re: [PHP] restricting filesystem access
- References:
- restricting filesystem access
- From: Hamar Gábor
- Re: [PHP] restricting filesystem access
- From: paragasu
- restricting filesystem access
- Prev by Date: Re: [PHP] Problem in a generate password function
- Next by Date: Re: [PHP] LDAP in php
- Previous by thread: Re: [PHP] restricting filesystem access
- Next by thread: Re: [PHP] restricting filesystem access
- Index(es):
Relevant Pages
|
