Apache, PHP and virtualhost security


I am in the process of migrating from a windows system to a LAMP server (openSUSE 11) mostly for security reasons. I have all the web components up and running (Apache with PHP5 and MySQL) but I still have one major hurdle to overcome. It goes like this

I have 3 sites hosted on the same server using name based virtual hosts, they are (just for example):-

served from /home/ian/public_html
linux user ‘ian’ has required permissions on this directory

served from /home/dodgygeezer/public_html
linux user ‘dodgygeezer’ has required permissions on this directory

served from /home/kmoore/public_html
linux user ‘kmoore’ has the required permissions on this directory

In the current config it is possible for a PHP script run on ian.com to access files on either of the other two virtual hosts and the same goes the other way around. Is it possible to prevent this? (I’m sure it must be)

For example can I force any requests for ian.com to be served with the permissions of user ian and any requests for www.twoburgers.com to be served with the permissions of user kmoore. This way the scripts would only be able to access files in their own user directories and not interfere with the other sites.

Each site has its own virtualhost section in httpd.conf so could I configure it there? Or would it be a php configuration?

A bit more hunting around the web has led me to believe that I may need to use PHP differently with apache (not as an Apache module as I am at the moment) and a program called suEXEC.
This looks a bit complicated so I would rather not persue it if I’m barking up entirely the wrong tree. If this IS the correct way to go then learn it I must and any help / suggestions would be greatly appreciated.


PHP scripts run as the webserver account, wwwrun. PHP scripts are not independent executables, they are in a sense extensions of the apache server. So the owner of the PHP files doesn’t come into it at all. So any user can own the files and it makes no difference. The one user that should not own the files is wwwrun. The exceptions are those files and directories that are to be writable from the webapp, like upload directories, logs, etc.