...

View Full Version : Security and Stuff



cmaier
02-10-2006, 05:16 AM
I am currently allowing users on my site to upload files (including php files)... i only allow this at the moment because i know all my users personally. But, i'm working on code to make a "automated" sign-up process and i wanted to continue to allow php files to be executed but there is obviously the security risk. Is there some way (other than modifying server configureation, which i don't have access to) to restrict the "scope" of user php files? (i.e php files in the users's personal directory can ONLY access files in their folder and all subfolders?)

If this is not possible i guess i'll have to disable the php support but i'd like to keep it there.... any ideas?

fci
02-10-2006, 05:45 AM
short answer, no.

cmaier
02-10-2006, 05:50 AM
oh, ok, well that sucks

missing-score
02-10-2006, 07:13 AM
I doubt this is possible the way you are suggesting, you are basically offering a hosting service which is what you would want to use for giving others PHP access. Either way, there is more to worry about than just directory access, people could run scripts which could attempt to slow down and crash your server.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum