> You can avoid a lot of the problems by making sure > that apache can't write anywhere that is mounted with execute > capability. >
Or install a security module to do that for you. One that I've written that is nearing the end of its beta: https://github.com/cormander/tpe-lkm In some cases, you can even tell it to let apache not exec anything at all, if you're not running cgi scripts or bytecode php deployments (zend, etc). -- Corey _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
