Re: Document the bug fix policy regarding PHP Safe Mode

To: debian-security@lists.debian.org
Subject: Re: Document the bug fix policy regarding PHP Safe Mode
From: Florian Weimer <fw@deneb.enyo.de>
Date: Thu, 14 Jul 2005 14:03:02 +0200
Message-id: <[🔎] 87slyhioi1.fsf@deneb.enyo.de>
In-reply-to: <[🔎] 20050714115301.GA29688@ultimate> (Andreas Gredler's message of "Thu, 14 Jul 2005 13:53:01 +0200")
References: <[🔎] 87slyipngi.fsf@deneb.enyo.de> <[🔎] 20050714115301.GA29688@ultimate>

* Andreas Gredler:

> On Wed, Jul 13, 2005 at 08:31:25PM +0200, Florian Weimer wrote:
>  
>> <h2>Alternatives</h2>
>> 
>> <p>Most large ISPs who run customer PHP scripts on shared hosting
>> servers do not use <code>mod_php</code> (or other forms of direct
>> integration into a web server), but use the CGI version of PHP, <a
>> href="http://httpd.apache.org/docs/suexec.html";>suEXEC</a>, and a
>> different user account for each customer and proper permissions.  This
>> way, the operating system enforces the usual restrictions.</p>
>
> Is there a security related difference between running suexec and
> running mod_php with suphp?

I don't think so, but I'm not familiar with suphp.  In the meantime,
I've been told that people like the performance improvement compared
to suexec and the CGI approach, but that's all I know about it.

Reply to:

References:
- Document the bug fix policy regarding PHP Safe Mode
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Document the bug fix policy regarding PHP Safe Mode
  - From: Andreas Gredler <jimmy@g-tec.co.at>

Prev by Date: Re: Document the bug fix policy regarding PHP Safe Mode
Next by Date: WG: critical bug in cacti
Previous by thread: Re: Document the bug fix policy regarding PHP Safe Mode
Next by thread: Re: Document the bug fix policy regarding PHP Safe Mode
Index(es):
- Date
- Thread