Re: apache + .htpasswd - bypass pwd check

From: Sten (stenat_private)
Date: Sat Apr 27 2002 - 10:22:36 PDT


    On Fri, 26 Apr 2002, Jedi/Sector One wrote:
    
    > On Fri, Apr 26, 2002 at 02:07:05PM -0700, RSnake wrote:
    > > 	cd ~john
    > > 	I don't have to know where it is.
    >
    >   Unless your users have shell access, there's no reason to have anything
    > but a 'nobody' account in your /etc/passwd & co files.
    >
    >   If you need entries for suexec to work, have fake ones, with no password,
    > no shell and /dev/null as a home directory. The only thing Apache+suexec
    > needs is to map uids to some user name.
    >
    
    or use this patch :
    www.localhost.nl/patches/apache-nouidresolving
    
    which enables 'User "#1000"' in the httpd.conf,
    always nicer to have uids only where you want them.
    You do need a separate ftp/shell box for ppl to upload
    though ( or uid tricks for those ) , but shouldn't be
    a problem for mass vhosting providers.
    
    -- 
    Sten Spans
    
      "What does one do with ones money,
       when there is no more empty rackspace ?"
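
A check for the account layout Jedi/Sector One describes above (no password, no shell, /dev/null as home directory), as an added example that is not part of the original thread. The list of non-login shells, the UID threshold and the sample entries are assumptions constructed for illustration.

```python
# Added example: audit passwd-format text on a web-only host for accounts
# that are more than a bare uid-to-name mapping for suexec.

# Assumption: shells treated as "no shell". An empty shell field is NOT in
# this set, because login programs fall back to /bin/sh for it.
NO_LOGIN_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin", "/dev/null"}

# Constructed sample input, not taken from any real system.
SAMPLE_PASSWD = """\
nobody:*:65534:65534:nobody:/dev/null:/bin/false
vhost1000:*:1000:1000:suexec mapping only:/dev/null:/sbin/nologin
john:x:1001:1001:John:/home/john:/bin/bash
vhost1002::1002:1002::/dev/null:
"""

def audit_passwd(text, min_uid=1000):
    """Return {account: [problems]} for entries at or above min_uid."""
    findings = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings[f"line {lineno}"] = ["malformed entry"]
            continue
        name, pw, uid, _gid, _gecos, home, shell = fields
        if not uid.isdigit() or int(uid) < min_uid:
            continue  # system accounts are out of scope for this check
        problems = []
        if pw == "":
            problems.append("empty password field")
        elif pw == "x":
            problems.append("password deferred to shadow file; confirm it is locked")
        elif not pw.startswith(("*", "!")):
            problems.append("password hash present")
        if home != "/dev/null":
            problems.append(f"home directory is {home}")
        if shell not in NO_LOGIN_SHELLS:
            problems.append(f"login shell is {shell or 'unset (defaults to /bin/sh)'}")
        if problems:
            findings[name] = problems
    return findings

if __name__ == "__main__":
    for account, problems in audit_passwd(SAMPLE_PASSWD).items():
        print(f"{account}: " + "; ".join(problems))
```

An entry that passes this check still lets suexec map the uid to a name, while `~name` resolves to /dev/null rather than a real directory.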
    