Hi i have problem with Securing PHP. I`am running apache under user www-data and all my domains have same user and group (for simle FTP settings) www-data too. That`s mean, that /www/domain.com and /www/domain.com have same owner, and I want disable access from domain 1 do domain 2. I enabled safe_mode, but safe mod only watching if their owner is the owner of the PHP scripts, that mean , that now users can`t access to system, but still have access to other domains, because they have same uid and gid, if I understand correct.
Yes there is also open_basedir, but he watching only whole directories, but not acctuall if I understand correct...
It`s possible to secure PHP with this configuration?
