NYCPHP Meetup

[nycphp-talk] shared server security [Session problem on virtual host]

Ajai Khattri ajai at bitblit.net
Thu Jan 20 16:59:43 EST 2005


David Mintz wrote:

>
>
>I forgot to mention another possible solution. Run in cgi mode under
>php-cgiwrap, so your scripts run as you; then chmod your scripts to 600 so
>others (such as 'nobody' and your fellow hosting customers) can't read
>them.
>

suexec does this too.
The only problem is the performance hit with CGI (not sure if 
mod_fastcgi will help here).

On our new shared web server, for security, no customers have shell 
access ;-)

-- 
Aj.
Systems Administrator / Developer




More information about the talk mailing list