second draft :)
This commit is contained in:
Marc Delisle
@@ -1772,24 +1772,26 @@ $cfg['TrustedProxies'] =
|
||||
|
||||
This is needed for native MS Excel export, see
|
||||
<a href="#faq6_23"><abbr title="Frequently Asked Questions">FAQ</abbr>
|
||||
6.23</a> and for workaround limitations of open_basedir for uploaded
|
||||
6.23</a> and to work around limitations of
|
||||
<tt>open_basedir</tt> for uploaded
|
||||
files, see <a href="#faq1_11"><abbr title="Frequently Asked Questions">FAQ</abbr>
|
||||
1.11</a>.
|
||||
<br /><br />
|
||||
|
||||
If you have server configured with open_basedir, you need to create
|
||||
temporary directory in some directory, where it can be acessed by web
|
||||
server. However for security reasons, best is also to have it outside
|
||||
tree published by webserver. If you can not avoid having this
|
||||
directory published by webserver, place at least empty
|
||||
<code>index.html</code> file there, so that directory listing is not
|
||||
If the directory where phpMyAdmin is installed is subject to an
|
||||
<tt>open_basedir</tt> restriction, you need to create a
|
||||
temporary directory in some directory accessible by the web
|
||||
server. However for security reasons, this directory should be outside
|
||||
the tree published by webserver. If you cannot avoid having this
|
||||
directory published by webserver, place at least an empty
|
||||
<tt>index.html</tt> file there, so that directory listing is not
|
||||
possible.
|
||||
<br /><br />
|
||||
|
||||
This directory should have as strict permissions as possible as only
|
||||
user required to access to this directory is the one who runs
|
||||
webserver. If you have root privileges, simple make this user owner of
|
||||
this folder and make it accessible only by him:
|
||||
This directory should have as strict permissions as possible as the only
|
||||
user required to access this directory is the one who runs the
|
||||
webserver. If you have root privileges, simply make this user owner of
|
||||
this directory and make it accessible only by it:
|
||||
<br /><br />
|
||||
|
||||
<pre>
|
||||
@@ -1797,7 +1799,7 @@ chown www-data:www-data tmp
|
||||
chmod 700 tmp
|
||||
</pre>
|
||||
|
||||
If you can not change owner of the directory, you can achieve similar
|
||||
If you cannot change owner of the directory, you can achieve a similar
|
||||
setup using <abbr title="Access Control List">ACL</abbr>:
|
||||
|
||||
<pre>
|
||||
|
||||
Reference in New Issue
Block a user