GoranTornqvist
Verified User
In httpd.conf:
<VirtualHost 192.168.0.1:80>
ServerAdmin webmaster@myserver
AliasMatch ^/~([^/]+)(/.*)* /home/$1/public_html$2
DocumentRoot /var/www/html
ServerName localhost
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
CustomLog /var/log/httpd/homedir.log homedir
php_admin_value open_basedir /home/:/tmp/:/var/www/:/usr/local/lib/php/:/etc/virtual/
</VirtualHost>
Is it possible to change "/home" in open_basedir string to something like /home/$1 like in the AliasMatch?
As I see it, if a user uses his temporary adress http://server/~username he can execute scripts in other users homedirs...am I right...or wrong?
<VirtualHost 192.168.0.1:80>
ServerAdmin webmaster@myserver
AliasMatch ^/~([^/]+)(/.*)* /home/$1/public_html$2
DocumentRoot /var/www/html
ServerName localhost
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
CustomLog /var/log/httpd/homedir.log homedir
php_admin_value open_basedir /home/:/tmp/:/var/www/:/usr/local/lib/php/:/etc/virtual/
</VirtualHost>
Is it possible to change "/home" in open_basedir string to something like /home/$1 like in the AliasMatch?
As I see it, if a user uses his temporary adress http://server/~username he can execute scripts in other users homedirs...am I right...or wrong?