Secure permission structure for server blocks?
reallfqq-nginx at yahoo.fr
Mon Sep 9 09:29:29 UTC 2013
Since the problem comes from the dynamic language PHP, you can create
several pools using different user/group pairs.
You could use 644 (or 640) permissions with user = PHP user on a specific
directory and group = Web server group with read-only permissions.
Raw idea of the big picture, There must be some details to check (such as
verify PHP isolation/jail/chroot inside pools).
My (quick) 2 cents,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx