On Wed, Jun 13, 2007 at 01:52:01AM +0200, Tomasz Pala wrote: > - PHP as CGI run via suexec - performance penalty, but the only one solution > solving problem of inherited EUID for exec(), system() etc.
There is also another one, safe and easy solution: PHP running as FastCGI, external to the web server. It is the natural solution for lighttpd, but Apache doesn't seem to like FastCGI (there is not mod_fastcgi included in Apache httpd sources). FastCGI application (including PHP interpreter) may be running on a different account or even a different server then the web server process. It can also be started on demand, by the webserver, like regular CGI, but once started it may server many requests. When FastCGI application crashes it doesn't break the main webserver process (as opposite to mod_* solutions). IMHO the Apache's modules approach (mod_php, mod_python, mod_perl) is broken by design (interpreter built into the server process cannot be made multiuser and safe) and suexec and similar are only workarounds for CGI limitations. Maybe PLD could prepare some framework for running PHP applications via FastCGI under Apache? But there still a problem similar to switching to lighttpd: some people just want or need mod_php/Apache and we won't help them by providing other, even better (in some ways) solution. Greets, Jacek _______________________________________________ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en