Re: mod_php vs fastcgi/php speed
On Fri, Mar 19, 2004 at 04:22:27PM +0100, Arkadiusz Miskiewicz wrote:
> Right now running apache and having multiple virtual hosts for multiple
> clients is not secure. Each client can look into others *.php, *.inc files,
> read for example database passwords from these files etc.
suexec is meant to improve the situation, though it has proven
quote inflexible for my purposes. I have written a suexec
compatible wrapper called csux that allows for, for example,
specifying a different execution uid than the program's owner.
(suexec runs everything with the uid of owner, unless you're
using virtual hosts which you can't if you're communicating over
https...). I think it's an important security gain, because this
way a c****y PHP script won't be able to read/write arbitrary
files in its web repository.
Seven deadly sins | 1024D/37B8D989 | Seven signs
Seven gates to hell | 954B 998A E5F5 BA2A 3622 | Seven lies
Seven world wonders | 82DD 54C2 843D 37B8 D989 | Seven days
Seven years bad luck | http://sks.dnsalias.net | Seven dreams