Apache and chroot

Hi all,

Just a question, during the iworx install’s, apache is chrooted or not ?

Because when I use ftp listing with php script, I can access to the " / " of my production server. This is vulnerability for a server and that’s why I am asking this question.

Thank you for your answer :slight_smile:

No answers ? :frowning:

Sorry, overlooked this one.

No, it isn’t. Apache runs as the apache user, if you’re using mod_php, and as the SiteWorx Account unix user if you’re using suphp. Can you read only, or write, too?

Tim

Hi Tim,

Thank you for your help :).

I’m using suphp, user just can read only a few files but can’t write !

I think I’ll enable open_basedir, to lock user on /chroot/home/.

An other question, for ruby on rails, how the script is run ? with a global single user or with siteworx account unix ?

Thanks :slight_smile:

With mod_passenger (which is how we set it up) it should be running as the user.

Thank you Tim :slight_smile: