[X-Unix] Shared hosting with apache and php, security concerns

[James Avgeris]

On Mar 17, 2004, at 10:26 PM, Scott Haneda wrote:

> I think I need to "jail" all php, perl etc stuff to a particular users
> directory, but I am not sure how to do this.

I think you need to look into suEXEC and/or chroot. The downside I 
believe is that you'll have to run PHP as a CGI rather than an Apache 
module.

If you find out more please post back to the list. I'm very interested 
in this as well.

-Jim