I thought files above the public_html were not accessible. This seems like a huge security risk IMHO.
Other info. Both domains are on the same reseller hosting account. Testdomain.com also has wildcard sub-domains turned on bye the web hosting provider.
Are you referring to chmod permissions of the root directory of each domain? I was lead to believe that files located above the public_html web directory were not available to external request. Is this not true?
They are not available to external request, but they are available to internal request. One of your scripts can include a file above public_html. It cannot be accessed directly from the internet, but it is available for your scripts to use. The domains are hosted on the same account and so they have access to the folders in the account including those above public_html.
This is actually pretty handy because your different sites can share code. For example, you can use the same database class between multiple addon sites.
I have been curious as to whether or not each separate reseller account can access other accounts on the same master reseller account. If I have a reseller account with a host using cPanel and I set up two separate accounts for two different people, would they have access to each other’s files or would they have separate user IDs? Maybe someone can chime in with an answer to that question of mine.