Read each others files

ufeg02 · Dec 26, 2006

I am using DA and I got a problem.

Every user on my server can read the php-files of other users when he knows the username of that user.

He can read and parse all the files, so he can view the config file and all the passwords.

Whats the problem with my installation?

DirectAdmin Support · Dec 26, 2006

Hello,

Go to Admin Level -> Php Safemode Configuration.
Enable Open Basedir for all domains. This will prevent php scripts from reading other people's home directories.

Then to tightenup the security for the system user permissions, you can use this option:
http://www.directadmin.com/features.php?id=497
to set the public_html to 750 for new domains (chgrp to apache). This allows only the owner of the files and apache to read the files in the public_html. This only sets the permissions on the public_html for newly created domains, so to set them for existing ones, type:

Code:

cd /home
chgrp apache */domains/*/public_html
chmod 750 */domains/*/public_html

John

Read each others files

ufeg02

New member

DirectAdmin Support

Administrator