Re: [Mod-fcgid-users] security problem, possible DoS : fcgid large file uploading and input buffering

2007-05-08 Thread Gabriel Barazer
Hello, BTW, no one other than me is worried by the security problem due to large file uploading I described below ? On 04/30/2007 15:21:29 +0200, Gabriel Barazer [EMAIL PROTECTED] wrote: Hello, I experienced recently some problmes since a customer is doing large file uploads with PHP

Re: [Mod-fcgid-users] security problem, possible DoS : fcgid large file uploading and input buffering

2007-05-08 Thread Janis Volbergs
Hi! Why not limit maximum size of the data to be uploaded? This should be an easy patch to mod_fcgi. And about buffering, it would be more safe to have temporary files. However, this might get insecure, if the server has multiuser environment. E.g. other users might easily steal those

[Mod-fcgid-users] 500 internal server error - problem getting fastcgi to run at all! please, need help!

2007-05-08 Thread Tamer Higazi
Hi people! I don't know how to go on further, but I did the installation instructions to get PHP 5.2.2 running as fast-cgi on Apache2. Can somebody help me? I followed the exact configuration steps mentioned in the sample configuration as well I compiled PHP with the --with-fastcgi option. My