Quote:
Originally Posted by sundialsvcs
There's copious material out there on that. Each domain-definition should occupy its own set of "<location>s" and have its own set of directives ... and the PHP software which runs the site (which will probably run as "nobody") must be configured so that it will not attempt to read any outside locations, even though it can. The software must also be configured so that "rogue" URLs, including ".."s and such, are not honored. Spend 10 minutes surfing Google and you will have days' worth of material to ponder.
|
Yeah well maybe im doing it wrong but I haven't found anything related to my question could you tell what you wrote in google search?
I have managed to make /var/www kinda chroot by using open_basedir but it still doesn't fixes my issue with permissions with diffrent domain if user1 manages to exploit web1 he will have READ access to web2 too .
structure of my server
/var/www/web1 phpcgi user/group
/var/www/web2 phpcgi2 user/group
when somebody will be able to exploit web1 he will have READ access to web2 too. I don't want to do that.