The original post mentioned having PHP setup, which got me thinking. I know I can run PHP scripts without restriction in my Sites directory as an admin and from the /Library/WebServer/Documents/ directory, but can other users do the same? I would hope not, since they could potentially mess up my whole system with one script.
It's discussed how cgiwrapper uses the users own id so that restrictions for this user are followed. I'm not sure what PHP does, cause if it uses the user directives, then they should probably be restricted to working with files inside their home directory, which is what I would want. I know I have worked with other servers that allow PHP scripts in their user directories, but did not allow the user directory PHP scripts to read or write to any files. I'm not sure I would want to go this far, but I would only want reading and writing to files within the user's own home directory.
Does anyone know what the default setup is for PHP with regards to permissions? And, how should I get it to function as desired if it doesn't already?