Hello,

With PHP 7, we'll need to update our PHP abstraction because the paths 
changed from .../php5/... to .../php7/...

Now the interesting questions are:
- should php7 get its own abstraction, or should we modify the existing 
  one?
- if 'modify', who will explain to our users that abstractions/php5 is 
  needed for php7? ;-)

Opinions?

I tend to prefer one abstraction for all PHP versions, but the existing 
abstractions/php5 isn't the best filename for that ;-)


Another detail I just noticed is that it might be possible to split the 
PHP permissions for
a) apache hats - it looks like access for the session storage might be 
   enough (no need for the *.so or /etc/php7/ [1])
b) the apache main process (which needs all of the PHP abstraction)

Personally, I'm using separate directories for sessions in each vhost, 
so a "php-session" abstraction won't be too useful for me. For people 
using /var/lib/php[57]/ for all vhosts' sessions, it might still be a 
good idea (and could prevent allowing all of abstractions/php5 in the 
vhost hats).


Regards,

Christian Boltz

[1] that's also true for PHP5 - the apache vhost hats only need to read
    and write the session storage (/var/lib/php5/sess_*)
-- 
...breaking into a sweat, the experts are starting to answer ;-)
[Michael Hablitzel to David Haller in suse-linux]
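
The split proposed in the message, as an added example that is not part of the original message and not the AppArmor project's shipped policy. It assumes a new file named abstractions/php-session (the name floated above); the Apache binary path, hat names and document roots are constructed for illustration.

```apparmor
# --- /etc/apparmor.d/abstractions/php-session (hypothetical new file) ---
# Session storage only. The [57] character class covers both the php5
# and php7 directories named in the message.
# "k" (file locking) is an assumption: the message mentions only read
# and write. Drop it if the session handler in use never locks the file.
/var/lib/php[57]/sess_* rwk,

# --- excerpt from the Apache profile (binary path is an assumption) ---
/usr/sbin/apache2 {
  # b) main process: keeps the complete PHP abstraction
  #    (shared objects, PHP configuration, session storage)
  #include <abstractions/php5>

  # a) before: the vhost hat inherits everything the main process gets
  ^vhost-before.example.org {
    #include <abstractions/php5>
    /srv/www/vhost-before/** r,
  }

  # a) after: the vhost hat is limited to the shared session storage
  ^vhost-after.example.org {
    #include <abstractions/php-session>
    /srv/www/vhost-after/** r,
  }
}
```

With per-vhost session directories, the hat would carry its own session path rule instead of including the shared abstraction.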
