So it's, at the time of this writing, 2:47 AM. Keep this in mind. I was looking at my webserver configuration. I am in love with Suexec. It's a gift from god for web hosts. Not only does it secure your directories, but as a bonus it forces your users to keep their stuff secure (i.e. by not running scripts in 777 directories, et al).
Wonderful stuff. So then I looked at suexec with php, which pretty much breaks embedded php scripts, and requires that most freely available scripts be modified in a now-unfamiliar and non-standard way, i.e. sticking a php shebang in the scripts. As a bonus, it's slower. So then I found suPHP, and while it looked interesting at first, as it comes with an apache module, and a suid program, I thought it was exactly what I needed. Nope, it still runs in CGI mode. I think there's a couple benefits, but I still think that if PHP had always been a CGI, it would have NEVER gained the popularity it has. So then I had a thought. What about a stub program, similar to suexec, that instead of running all the php scripts and the php CGI binary, merely handles all the file operations that php would. Ideally it would speak to the httpd via pipes or something. This would be similar to the way safe mode presently operates (as in, it would do the same permissions checks on file reads for UID and GID, except that it would, at least for file writes (and optionally, for reads), fork a quick process that handled the file operations. Also, it could possibly do more than UID/GID checks, and actually check permissions, ala suexec. Am I making no sense here? Or is this actually doable? I tend to think if it WAS feasible some other company would have done it and would be selling it now, but in simple terms, I'd love to know why it CAN'T be done. I've thought about the fact that "you're still slowed down by the forking of a separate process", but I'd much rather fork only on file writes, while things like SQL-based message boards getting thousands of hits a day still run at full-speed. This would also solve the biggest bane of my existence, the fact that I can't find a half-decent way of making it so that users can't read each others' MySQL login info, usually sitting in the config.php of some script. This would solve that too. (Safe mode would solve it, but safe mode is known for breaking too much else.) Am I insane? If so, please tell me why. How much would I have to donate to the apache foundation to get this feature written if it is feasible? :) -Dan Mahoney -- "There is no right and wrong, there is only fun and boring." -Fisher Stevens, "Hackers" --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --------------------------- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
