Hello
I have set a webserver for my users.
users have their dirs under the /home dir.
for example
/home/usera
/home/userb
Apache can access the public_html dir under each user's dir
for example
/home/usera/public_html
/home/userb/public_html
Now, every public_html directory is owned by wwwrun:www (unfortunately, this cannot be changed due to a policy)
So far, using php usera can acess userb's files just giving a relevant path (../../userb/public_html) (Safe_Mode is on)
It is obvious that this is a threat.
How could i prevent that php can see anything outside each user's public_html
Thanks in advance.
