On Tue, Feb 10, 2004 at 04:06:37PM +0000, Lewis Thompson wrote:
> On Tue, Feb 10, 2004 at 03:56:08PM +0000, Peter Risdon wrote:
> > Not that I know of, but have you considered compiling apache with 
> > suexec? Assuming your other users have seperate logins, this might work. 
> > You can have apache execute scripts as the appropriate user, not www. 
> > That way, a 700 permission should prevent other users from reading your 
> > scripts.
> I read some stuff about this.  I got the impression it required using
> PHP as a CGI, instead of mod_php.  Am I wrong in thinking this?  The
> overhead of using PHP as CGI is a little too high because the server is
> already pretty stretched...

Have a look at /usr/ports/www/suphp - be warned though, last time I
looked at it the checks it uses to ensure UID 0 scripts aren't executed
did not work correctly on FreeBSD.

One slightly more complicated option is to rearrange your user/group
permissions on a server-wide basis - there's a detailed description in
this post:



Jez Hancock
 - System Administrator / PHP Developer

http://jez.hancock-family.com/  - Another FreeBSD Diary
http://ipfwstats.sf.net/        - ipfw peruser traffic logging
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to