I am struggling to find a solution to a problem.
Using PHP I have written a script to check some security settings. The PHP file list all the accounts in the /home directory then scans through public_html folders, opens up config files and gets the username and password to the MySQL databases for other users, connect to MySQL etc. I guess you can then read all mail from other peoples accounts too.
I am trying to prevent any read access through PHP outside the accounts home.
However I have tried to provision all profiles as supplied by EasyApache but can stop the script from doing above?
I must be missing something big here? Any comments would help
Using PHP I have written a script to check some security settings. The PHP file list all the accounts in the /home directory then scans through public_html folders, opens up config files and gets the username and password to the MySQL databases for other users, connect to MySQL etc. I guess you can then read all mail from other peoples accounts too.
I am trying to prevent any read access through PHP outside the accounts home.
However I have tried to provision all profiles as supplied by EasyApache but can stop the script from doing above?
I must be missing something big here? Any comments would help