troubleshooting Question

VirtualHost per user, security problem?

Avatar of sindrit
sindrit asked on
Apache Web Server
4 Comments1 Solution1963 ViewsLast Modified:
Here is my problem.  I´m using Apache 2.0 on Fedora 2.

 I have a server with one httpd running with a few virtual hosts, each "owned" by a different user.  But for apache to have access to /home/bob/example.com bob has to have all his stuff set to read access for everyone, including mal.  Mal will ofcourse use this to fetch Bob´s database passwords from the php code in example.com and etc...

How can I set up permissions in Linux to allow apache access to both /home/mal/example.net and /home/bob/example.com but not allow mal to access bob and vice versa?



PS. This is what is in httpd.conf:
 <VirtualHost *:80>
    ServerAdmin mal@example.net
    DocumentRoot /home/mal/example.net
    ServerName example.net
    ...
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin bob@example..com
    DocumentRoot /home/bob/example.com
    ServerName example.com
    ...
</VirtualHost>
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros