We are building a sort of shared hosting web server setup, but everything is managed by a web application on ourdomain.com which has default apache user (www-data) to access everyone’s files.
Everybody has a user_name, and their web_root is
[some_root_folder]/[user_name]
We are creating dynamic virtual hosts using
http://httpd.apache.org/docs/2.0/vhosts/mass.html#xtra-conf
as
[some_root_folder]/[user_name] user_name.ourdomain.com
we do
chown 770 user_name:www-data -R [some_root_folder]/[user_name]
We do not wish to create separate vhosts because that requires apache reload on each signup (i will ask your opinion on creating separate vhosts using mpm-itk on another entry).
Question
If user_michael executes:
<?php echo file_get_contents(‘../user_george/index.php’); ?>
on user_michael.ourdomain.com/index.php
Michael is able to read George’s files because both directories belong to www-data user group (otherwise our web app can’t modify them)
So: How can www-data can modify both Michael's and George's files, but they can't modify each other's, given setup above?
Best Answer
When you run file_get_contents, the user which is reading the ../user_george/index.php file is the same as the web server (www-data) not the owner of the file.
PHP Safe Mode is a solution for this issue, but is deprecated. I'd recommend to check this series for solutions about Security in Shared Hosting.