second draft :)
This commit is contained in:
Marc Delisle
@@ -1772,24 +1772,26 @@ $cfg['TrustedProxies'] =
|
|||||||
|
|
||||||
This is needed for native MS Excel export, see
|
This is needed for native MS Excel export, see
|
||||||
<a href="#faq6_23"><abbr title="Frequently Asked Questions">FAQ</abbr>
|
<a href="#faq6_23"><abbr title="Frequently Asked Questions">FAQ</abbr>
|
||||||
6.23</a> and for workaround limitations of open_basedir for uploaded
|
6.23</a> and to work around limitations of
|
||||||
|
<tt>open_basedir</tt> for uploaded
|
||||||
files, see <a href="#faq1_11"><abbr title="Frequently Asked Questions">FAQ</abbr>
|
files, see <a href="#faq1_11"><abbr title="Frequently Asked Questions">FAQ</abbr>
|
||||||
1.11</a>.
|
1.11</a>.
|
||||||
<br /><br />
|
<br /><br />
|
||||||
|
|
||||||
If you have server configured with open_basedir, you need to create
|
If the directory where phpMyAdmin is installed is subject to an
|
||||||
temporary directory in some directory, where it can be acessed by web
|
<tt>open_basedir</tt> restriction, you need to create a
|
||||||
server. However for security reasons, best is also to have it outside
|
temporary directory in some directory accessible by the web
|
||||||
tree published by webserver. If you can not avoid having this
|
server. However for security reasons, this directory should be outside
|
||||||
directory published by webserver, place at least empty
|
the tree published by webserver. If you cannot avoid having this
|
||||||
<code>index.html</code> file there, so that directory listing is not
|
directory published by webserver, place at least an empty
|
||||||
|
<tt>index.html</tt> file there, so that directory listing is not
|
||||||
possible.
|
possible.
|
||||||
<br /><br />
|
<br /><br />
|
||||||
|
|
||||||
This directory should have as strict permissions as possible as only
|
This directory should have as strict permissions as possible as the only
|
||||||
user required to access to this directory is the one who runs
|
user required to access this directory is the one who runs the
|
||||||
webserver. If you have root privileges, simple make this user owner of
|
webserver. If you have root privileges, simply make this user owner of
|
||||||
this folder and make it accessible only by him:
|
this directory and make it accessible only by it:
|
||||||
<br /><br />
|
<br /><br />
|
||||||
|
|
||||||
<pre>
|
<pre>
|
||||||
@@ -1797,7 +1799,7 @@ chown www-data:www-data tmp
|
|||||||
chmod 700 tmp
|
chmod 700 tmp
|
||||||
</pre>
|
</pre>
|
||||||
|
|
||||||
If you can not change owner of the directory, you can achieve similar
|
If you cannot change owner of the directory, you can achieve a similar
|
||||||
setup using <abbr title="Access Control List">ACL</abbr>:
|
setup using <abbr title="Access Control List">ACL</abbr>:
|
||||||
|
|
||||||
<pre>
|
<pre>
|
||||||
|
|||||||
Reference in New Issue
Block a user