I know that the apache suexec module allows CGI scripts to run as the user and group of the virtual host, but that doesn't seem to be the case for PHP scripts run under the apache php module (mod_php).
So my questions are:
(1) Can we use suexec to force PHP scripts (running under mod_php) to run as the user/group associated with the virtual host? If so, how? Are there any special configuration tricks to make this happen?
(2) If we CAN'T use suexec with mod_php, I assume we can run PHP as CGI to solve our problem. However, I'm worried about performance. Have any of you done this on linux? Is it difficult to configure? Do you have to audit all of your PHP scripts? Etc., etc.
I did read the pages http://www.php.net/security.cgi_bin and http://www.php.net/manual/en/security.apache.php, but did not come away with clear answers to my questions. There were also a lot of contradictory comments at the bottom of those pages, and a whole mess of stuff on google, so I'm getting more lost, not less. Please help!
cheers,
Travis
-- Travis Low <mailto:[EMAIL PROTECTED]> <http://www.dawnstar.com>
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
