I've a debian linux server with apache2.2 & php5 installed.
I've created many virtual hosts on my apache server, each virtual host has a separate root directory & php is enabled for all of them. Now I need to limit php scripts in each virtual host in some manner that they can only read, write or modify only in v-host root directory & it's sub-directories (& not parent directories), in other hand, I want create a jail for scripts which are running on every virtual host.
For example, php scripts that located in /var/www/vhost1 can only access to files in same directory & sub-dirs & they don't have access to /var/www/host2 files (not for read nor modifying them).
any idea?
You would need to create a jail for each and every host and run PHP via CGI/FASTCGI with chroot set to the right directory.
Well, i doubt you cant even achieve that within single CPANEL/account. its a horror (you have to set
open_basedir,allowOverride,safe_modeand even other restrictions are needed for cgi/perl/cron-jobs...you'd better to use Reseller(WHM) account, or DirectAdmin(cpanel alternative) Multi-user.