I create 2 Virtual Hosts for 2 projects
/var/www/project1 and /var/www/project2
if I call in the navigator project1.eg.com work fun
if I call project2.eg.com work fun too,
Suppose the Project1 is maintained by a malicious php programmer, programmer and this commit solve a script that takes a reading from the /var/www/project2 to check the files contained therein? this is possible since the apache needs to read and execute permissions on the directories of projects.
How do I make it safe?
The same happens when I enable php in home user, eg.
/home/project1/public_html ==> projects.eg.com/~project1
/home/project2/public_html ==> projects.eg.com/~project2
A script any Project1 can do a scan in the archives of Project2.
A script project1 can scan files in the project2.