Est. 2003
Home Help Login Register
News: Welcome to ZboX Webhosting.
10 Megs

10 MB Disk
1 GB Transfer
$10.00 per year 		25 Megs

25 MB Disk
2 GB Transfer
$25.00 per year 		50 Megs

50 MB Disk
3 GB Transfer
$50.00 per year 		75 Megs

75 MB Disk
4 GB Transfer
$75.00 per year 		500 Megs

500 MB Disk
10 GB Trans
$100.00 yr.

+  ZboX Webhosting Est. 2003. Now in our Fourth year!
|-+  Help!
| |-+  Problems and/or Questions
| | |-+  Are users sandboxed from each other?		 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Are users sandboxed from each other?  (Read 226 times)
DJ Mike
Mega ZboXian
***
Offline Offline

Posts: 83
Are users sandboxed from each other?
« on: March 16, 2008, 04:43:52 AM »
I was going over my books preparing to make my tutorials for file uploads and FTP and got to the part on permissions. It makes me appreciate Paul Ding's biggest reason for not liking PHP. Since PHP runs as the same user as the server, the directory it is uploading to must be 777. On most servers, that means that anyone on the same servers can then upload to it too. I read that some hosts, "sandbox" their users so on user cannot hack another. Is thet the case for zbox?
Logged

ZboX
Founder
Administrator
Posting Maniac
*****
Offline Offline

Posts: 1311


What 'ya got there??
Re: Are users sandboxed from each other?
« Reply #1 on: March 16, 2008, 10:01:20 AM »
Quote from: DJ Mike on March 16, 2008, 04:43:52 AM
I was going over my books preparing to make my tutorials for file uploads and FTP and got to the part on permissions. It makes me appreciate Paul Ding's biggest reason for not liking PHP. Since PHP runs as the same user as the server, the directory it is uploading to must be 777. On most servers, that means that anyone on the same servers can then upload to it too. I read that some hosts, "sandbox" their users so on user cannot hack another. Is thet the case for zbox?

Hi MIke,
At ZboX we run php as a cgi in phpsuexec mode. Normally php runs as an apache module and it executes as the user/group of the server. That requires directory permissions to be 777 for php.

Running phpsuexec however enables scripts to run under your user/group and directories can only have a max permission of 755. That is much more secure. That is the way the new server is running also.

~;-)

Bert
Logged
Homepage / Community: http://zboxhosting.com

Contact: sales@zboxhosting.com
"When all is said and done, there's nothing left to say or do!"
dlilahl
Mega ZboXian
***
Offline Offline

Posts: 74
Re: Are users sandboxed from each other?
« Reply #2 on: April 02, 2008, 07:32:39 AM »
Hi Bert...Is it possible to use the codes you posted for 777 to be used in a .htaccess? 

Similar to the php5 .htaccess?  Tks.

lila
Logged
ZboX
Founder
Administrator
Posting Maniac
*****
Offline Offline

Posts: 1311


What 'ya got there??
Re: Are users sandboxed from each other?
« Reply #3 on: April 02, 2008, 07:43:39 AM »
Quote from: dlilahl on April 02, 2008, 07:32:39 AM
Hi Bert...Is it possible to use the codes you posted for 777 to be used in a .htaccess? 

Similar to the php5 .htaccess?  Tks.

lila


Hi Lila,
It depends on what the need for 777 is. If you email me about it I can take a look at the script. A separate php.ini file might be required.

~;-)

Bert
Logged
Homepage / Community: http://zboxhosting.com

Contact: sales@zboxhosting.com
"When all is said and done, there's nothing left to say or do!"
ZboX
Founder
Administrator
Posting Maniac
*****
Offline Offline

Posts: 1311


What 'ya got there??
Re: Are users sandboxed from each other?
« Reply #4 on: April 02, 2008, 11:37:33 AM »
Quote from: dlilahl on April 02, 2008, 07:32:39 AM
Hi Bert...Is it possible to use the codes you posted for 777 to be used in a .htaccess? 

Similar to the php5 .htaccess?  Tks.

lila


We've discovered that the script Lila was asking about does not need 777 permissions. 755 works just fine.

~;-)

Bert
Logged
Homepage / Community: http://zboxhosting.com

Contact: sales@zboxhosting.com
"When all is said and done, there's nothing left to say or do!"
Pages: [1] Go Up Print 
« previous next »
Jump to:  


Login with username, password and session length

ZboX Webhosting Est. 2003. Now in our Fourth year! | Powered by SMF 1.0.10.
© 2005, Simple Machines LLC. All Rights Reserved.
Page created in 0.086 seconds with 20 queries.