PHP AND PERL security

Hi

I have installed apache +php +perl on a windows xp machine. A user uploaded a php script which allowed him to browse through any dir he wished, so i set open_basedir = . which stopped him but created problems like phpbb giving errors and other things. Please suggest someother way of stopping a user from leaving his own folder.

Also with perl someone uploaded a perl script which allowed him to gain chroot access on the same machine.
Please suggest some ways to stop this
Thanks

 

 

 

 

Top