Hi Folks
I'm running a Gentoo system of less than 10 users.
What kind of setup would you recommend in order to:
- not let user1 view files of user2
- not let user1 internally view web files of user2
- let only nginx view each user's web files
- let only php-fpm view/edit user's web files
- avoid public writable subfolders of php apps
I'm currently running:
- nginx under nginx:nginx permissions
- php-fpm via unix socket also nginx:nginx
- /home/users are usually chown 705user1:users
- i've tried chown 750 user1:nginx on /home/users too
I have a feeling php-fpm pools running as user's uid might solve the php-fpm side,
but that still doesn't solve the nginx side
So, got any recommendation on all this?
[link][2 comments]