Prodtecting users in an Apache hosting environment
What do any of you people out there use to create isolation between your users in Apache? We don't do any CGI, but we need support for PHP. I've started tinkering with open_basedir, but I would like to find a solution other then perchild forking in Apache since no one here seems to know anything about it, and the Apache team isn't supporting it. The goal would be perchild forking like behavior where the UID of the script is used for the process. That way users can't browse other users files freely (since it currently all uses the "www" user).
|