My experience with PHP and suexec was less than favorable. It is a requirement for me that different virtual hosts have different PHP admin settings (some sites don't need globals, some do). I haven't found a way to accomplish this virtual host dependent configuration using PHP in CGI mode. Since PHP+suexec needs to run in CGI mode, my virtual host configs wouldn't apply. I'm guessing that with Suexec enabled, I can disable safe_mode and globals across the board and not significantly lower my host security, though I would like to use the layered method of security if possible.
However, there seems to be a patch to Apache which would fix this. Also, I hear Apache 2.0 does something like suexec does natively. So my question is: Are you running in CGI mode, or did you patch Apache? I would greatly appreciate any other comments you think are related. thanks hank On Thu, Feb 06, 2003 at 10:25:52AM -0700, Vector wrote: > I am running them both and have not yet had performance problems. I stress > tested the server before putting it into production and performance was > acceptable so I went ahead with it. I don't remember what the metrics were > now it's been too long. suexec is particularly handy if you have multiple > vhosts or have user home directories that are cgi-enabled so you can keep > the users and their programs honest. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]