On Sun, Dec 08, 2002 at 10:57:32PM +0100, Jochen Kächelin wrote: > Will perchild work on the next release or are there any other > workarounds to secure php-scripts (module) such as suEXEC and cgis?
if you *need* mod_php instances that run as seperate users the easiest solution is to reverse proxy instances of Apache running on different ports (and ideally, only listening on localhost), each running as the desired user. To make the most of it use mod_rewrite and mod_proxy, and try to avoid proxying non-dynamic content for the sake of efficiency. There are some disadvantges, the only access you have to the originating IP address is HTTP_X_FORWARDED_FOR, it's a lot more management and can complicate scripts if they rely on thigns like SERVER_NAME. -- [EMAIL PROTECTED] PubKey: [EMAIL PROTECTED] Web: http://devnull.redbrick.dcu.ie/
