It is for this specific reason that utilities like suPHP can be used as
a powerful tool to at least keep the account user from shooting anyone
but him/herself in the foot because of any configuration or broken
security issues. Allowing suexec to anyone but a seasoned, responsible
admin is IMO
... ciao:
: on 8-10-2013 Gichuki John Chuksjonia writ:
: most of the Admins who handle webservers
: in a network are also developers
name , just a few
: most of the organizations will always need to cut on expenses,
history suggests, security breaches, are NOT a profit center.
On 10.08.2013 16:52, Tobias Kreidl wrote:
It is for this specific reason that utilities like suPHP can be used as a
powerful tool to at least keep the account user from shooting anyone but
him/herself in the foot because of any configuration or broken security
issues. Allowing suexec to
On 2013-08-11 Reindl Harald wrote:
On 10.08.2013 16:52, Tobias Kreidl wrote:
It is for this specific reason that utilities like suPHP can be used
as a powerful tool to at least keep the account user from shooting
anyone but him/herself in the foot because of any configuration or
broken
For doing these features in httpd.conf you can use AllowOverride None instead
of AllowOverride all
AllowSymlinks is a red herring here (hardlinks should do, unless you
have stuff partitioned in a very thoughtful way, which most don't),
similarly to suexec.
In general, sharing web hosting
On 11.08.2013 14:50, Ansgar Wiechers wrote:
On 2013-08-11 Reindl Harald wrote:
On 10.08.2013 16:52, Tobias Kreidl wrote:
It is for this specific reason that utilities like suPHP can be used
as a powerful tool to at least keep the account user from shooting
anyone but him/herself in the
Agreed. Many sites limit users to at most SymLinksIfOwnerMatch for that
very reason, not to mention limits on CGI privileges. AllowSymlinks,
IMO, ought to be reserved for the sysadmin on the server and used
sparingly. You can, of course, even require .htaccess configurations to
be set in the
Debian Security Advisory DSA-2736-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
August 11, 2013