Just a question, during the iworx install’s, apache is chrooted or not ?
Because when I use ftp listing with php script, I can access to the " / " of my production server. This is vulnerability for a server and that’s why I am asking this question.
Thank you for your answer
Sorry, overlooked this one.
No, it isn’t. Apache runs as the apache user, if you’re using mod_php, and as the SiteWorx Account unix user if you’re using suphp. Can you read only, or write, too?
Thank you for your help :).
I’m using suphp, user just can read only a few files but can’t write !
I think I’ll enable open_basedir, to lock user on /chroot/home/.
An other question, for ruby on rails, how the script is run ? with a global single user or with siteworx account unix ?
With mod_passenger (which is how we set it up) it should be running as the user.