Here is my problem. domain#.com can write a cgi script that can read any file in the other domain#'s.com...

$file="/home/web/domain1.com/.pass/.htpasswd";
open(TEST,$file);
while (<TEST>) { print h4("here: $_"); }
close(TEST);

So you can see why this is a big problem.

Taking away CGI is not an option. I'm thinking this has to do with user/group / chmod permissions. I've been trying different combo's but my brain has shut down and I could really use some experienced peoples advise.

Please take a look at the following directory listings:

<pre>
[root@linux /home]$ ls -al
drwxr-xr-x 5 root apache 4096 Aug 22 10:23 .
drwxr-xr-x 21 root root 1024 Sep 3 22:24 ..
dr-xr-xr-x 15 apache apache 4096 Sep 3 23:03 web
[root@linux /home]$ cd web/
[root@linux /home/web]$
dr-xr-xr-x 15 apache apache 4096 Sep 3 23:03 .
drwxr-xr-x 5 root apache 4096 Aug 22 10:23 ..
drwxrwxr-x 3 root apache 4096 Aug 29 11:27 bak
drwxrwxr-x 9 root domain1 4096 Sep 3 18:10 domain1.com
drwxrwxr-x 9 root domain2 4096 Aug 28 14:25 domain2.com
drwxrwxr-x 9 root domain3 4096 Aug 28 14:25 domain3.com
drwxrwxr-x 11 root domain4 4096 Sep 3 18:49 domain4.com
drwxrwxrwx 2 root apache 4096 Sep 3 19:12 temp
</pre>

Apache is run as apache/apache, all file permissions are -R, and if I'm leaving anything out let me know!

Thank you for your help.

-Brock