Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Win XP Apache Permissions (outside of htdocs)

Posted on 2004-08-18
1
Medium Priority
?
665 Views
Last Modified: 2011-04-14
Not sure if this is a Apache question or a php question.

I have Win XP Pro, with Apache and PHP 5

I have my doc root folder standard,
it is C:/Apache/htdocs

The problem is, I don't want scripts I write in those folders to access outside that folder.

for instance, I can use ../../ and get to c:/ (this of course in php scripting)
ex. fopen("../../boot.ini","r")   this would be opening c:/boot.ini

How can I stop this?  how can I make the user (well the person who has access to writing scripts and html pages) see the document root as /htdocs or even just / ?
or just make them not have permissions below C:/Apache/htdocs

Thanks
0
Comment
Question by:ThaSmartUno
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 15

Accepted Solution

by:
samri earned 1500 total points
ID: 11838485

I would think that you could configure your PHP to restrict the execution of PHP to certain document tree, and preventing them to traverse up the tree.  

At the OS level, you could fine your setting such that Apache would have a different User/Group, and restrict filesystem access to those that is allowed.  This should be fine.  I  haven't tried this, but in theory it should work.

Personally, I would prefer the 2nd options.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Suggested Courses
Course of the Month8 days, 8 hours left to enroll

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question