"Nick Kew" <[EMAIL PROTECTED]>; [EMAIL PROTECTED]:15 GMT-5
On Thursday 10 February 2005 14:10, Leif W wrote:
Hi, sorry if this is off-topic, but I just want to make sure I
understand this problem. Last month I read an email on another list
(suPHP) in which someone was upset about the security of Apache 2.0.x
with all file I/O and CGI being done by a single user, and the perchild
MPM being broken.
That's rather different. If you care *at all* about security, you won't
be running PHP as a module. So suexec is a complete solution there.
Does this idea extend to any other modules as well? Are they all insecure simply because of Apache's design? Is that where the security problem lies? The module code cannot be run as a separate user with fewer privileges per request?
Leif