[PHP-DB] security in PHP under Apache
hi there does anyone know how to make PHP run as a different user than the default one (nobody i believe). I have many users with websites and would like them to be able to run PHP under their usernames so as to ensure security. Though I'm not sure this is possible unless I install PHP as a CGI binary and use something like suExec (I currently have it as an Apache module, and would like to leave it that way). best wishes, simon --- Studio 24 Ltd | tel. 01223 501 892 PO Box 88 | fax. 0870 063 1216 Cambridge | mob. 07974 074 547 CB4 1XH | www.studio24.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] security in PHP under Apache
PHP runs via Apache, so it adopts the user that Apache uses, essentially. You can use a program like sudo to allow them to run certain commands on the server. Jonathan -Original Message- From: Simon R Jones [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 23, 2001 10:31 AM To: [EMAIL PROTECTED] Subject: [PHP-DB] security in PHP under Apache hi there does anyone know how to make PHP run as a different user than the default one (nobody i believe). I have many users with websites and would like them to be able to run PHP under their usernames so as to ensure security. Though I'm not sure this is possible unless I install PHP as a CGI binary and use something like suExec (I currently have it as an Apache module, and would like to leave it that way). best wishes, simon --- Studio 24 Ltd | tel. 01223 501 892 PO Box 88 | fax. 0870 063 1216 Cambridge | mob. 07974 074 547 CB4 1XH | www.studio24.net -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] security in PHP under Apache
But how do you set it so a webuser would run sudo? That sounds pretty dangerous, to me. I have a similar situation where I want PHP to create a subdirectory and set privileges to it based on the login user. I end up having to create the directory by hand via SSH and then run the php script. Terry On Wednesday, May 23, 2001, at 12:36 PM, Jonathan Hilgeman wrote: PHP runs via Apache, so it adopts the user that Apache uses, essentially. You can use a program like sudo to allow them to run certain commands on the server. Jonathan -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] security in PHP under Apache
Check out suExec on the Apache website. Also, Apache 2 allows each virtual host to run as a different user - this alleviates some security issues. --zak - Original Message - From: Terry Romine [EMAIL PROTECTED] To: Jonathan Hilgeman [EMAIL PROTECTED] Cc: 'Simon R Jones' [EMAIL PROTECTED]; PHP-DB (E-mail) [EMAIL PROTECTED] Sent: Wednesday, May 23, 2001 1:12 PM Subject: Re: [PHP-DB] security in PHP under Apache But how do you set it so a webuser would run sudo? That sounds pretty dangerous, to me. I have a similar situation where I want PHP to create a subdirectory and set privileges to it based on the login user. I end up having to create the directory by hand via SSH and then run the php script. Terry On Wednesday, May 23, 2001, at 12:36 PM, Jonathan Hilgeman wrote: PHP runs via Apache, so it adopts the user that Apache uses, essentially. You can use a program like sudo to allow them to run certain commands on the server. Jonathan -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
