Secure permission structure for server blocks?
B.R.
reallfqq-nginx at yahoo.fr
Mon Sep 9 09:29:29 UTC 2013
Since the problem comes from the dynamic language PHP, you can create
several pools using different user/group pairs.
You could use 644 (or 640) permissions with user = PHP user on a specific
directory and group = Web server group with read-only permissions.
Raw idea of the big picture, There must be some details to check (such as
verify PHP isolation/jail/chroot inside pools).
My (quick) 2 cents,
---
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130909/5530379e/attachment.html>
More information about the nginx
mailing list