Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Feb 2006
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question Security and Stuff

    I am currently allowing users on my site to upload files (including php files)... i only allow this at the moment because i know all my users personally. But, i'm working on code to make a "automated" sign-up process and i wanted to continue to allow php files to be executed but there is obviously the security risk. Is there some way (other than modifying server configureation, which i don't have access to) to restrict the "scope" of user php files? (i.e php files in the users's personal directory can ONLY access files in their folder and all subfolders?)

    If this is not possible i guess i'll have to disable the php support but i'd like to keep it there.... any ideas?

  • #2
    fci
    fci is offline
    Senior Coder
    Join Date
    Aug 2004
    Location
    Twin Cities
    Posts
    1,345
    Thanks
    0
    Thanked 0 Times in 0 Posts
    short answer, no.

  • #3
    New to the CF scene
    Join Date
    Feb 2006
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    oh, ok, well that sucks

  • #4
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I doubt this is possible the way you are suggesting, you are basically offering a hosting service which is what you would want to use for giving others PHP access. Either way, there is more to worry about than just directory access, people could run scripts which could attempt to slow down and crash your server.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •