Suexec vs. serving files from symlinked dir, user doesnt have perms to serve from
Howdy all,
Scenario: Managed VPS, whm,cpanel, etc. I am essentially the only dev working in this server, all the sites are our website clients, we dont sell hosting to anyone or anything like that. Just us serving our clients mostly small-medium websites. Almost all wordpress.
What I want to do is have a central dir with a wordpress theme (in future i might want to have all of wp symlinked, but for now, just a theme). I want to have many sites using this same theme and I want to update one place and have all the sites updated.
I have already made the symlinks as appropriate. I have also visited the tweakphpdir in cpanel or whm and enabled the open_basedir for the sites and that works, I am able to include() from it.
What doesnt work is trying to serve files (css, etc) from that symlinked dir. I am told that this is cuz the 'user' of the site doesnt own the symlinked dir and that suexec is the reason.
So, the question...Given that there will be no nefarious ftp users or sites not under my control, is it dangerous to open things up to allow serving from this symlinked dir? What would be the suggestion security wise to achieve the goal set out in my second paragraph? What about group permissions/ownership?
thanks,
j
|