Re: Windows Server 2003 R2 x64 Std Apache/PHP/Tomcat Security



Matti Kiviharju wrote:
I have a Windows Server 2003 R2 x64 Std and want to ask how to set up Apache and PHP security and the security of Tomcat.

In my installation with Apache 2 and PHP 5 it is possible to make/list folders/files in the C: root and everywhere on the server.

How do I set up these user settings so that it is only possible to do the things above in wanted folders, and so that the exec function can be used only to run chosen applications? I know how to set in php.ini that the exec function is not possible and that PHP files can be run only in chosen folders, but that does not fix everything. In my install Apache can only put configured folders public via VirtualHost, but PHP seems to be able to do everything. So if I try to put a non-configured folder into an Apache VirtualHost, it tells me that there are no read/write rights to this folder. That seems to work, and Apache has automatically made security settings and user accounts.


And what is the problem? Apache works, but with PHP I can run the command exec('format C:'); and then it is the end of the story if I don't disable the exec function in php.ini. That is not what I want. I want format C: to be runnable only with an admin account, and PHP to always run with an account that cannot execute commands like format c:.