Hi,

> But what I am saying is that

>   mod_php + multiple apache instances == real virtual hosting

> The performance penalty and other restrictions of PHP-cgi invalidates that
> approach as far as I am concerned.

The idea is quite good. Still, I would prefer a suEXEC-like approach.

>> I'm not saying it's not possible, but this is not a *CLEAN* solution.
>> What you are suggesting me is a workaround, nothing more. There is
>> nothing on php.net about your solution, so you must admit it's not a
>> standard solution.

> Sure it is.  And there is stuff on it at php.net.  Plenty of it under
> conf.php.net.  But no, it isn't in the PHP manual because that manual is
> not supposed to teach ISPs how to do their jobs.

I'll browse through conf.php.net later, BUT the manual *IS* actually
something which should teach ISPs how things work and inform them
about common pitfalls and security issues. You cannot expect
every admin to know just about everything. YOU know exactly how these
things work, but I've been on enough systems where PHP was installed
and even safe_mode was turned Off. Yes, those are damn lousy admins,
but it just shows how people deal with this topic. PHP is always
presented as /the ultimate/ tool for RAD and a perfect out-of-the-box
solution (which is true from a usability point of view, but not from a
security point of view).

If I browse through "Security Issues" on
http://www.php.net/manual/en/security.apache.php
the only useful information is the first user contribution. It is
not emphasized enough that mod_php + safe_mode alone is not suitable
for virtual hosting.

> You don't really understand safe-mode then.  Correct, if the apache user
> has no perms to read something, then regardless of the safe-mode setting,
> a php script cannot read it.  But the converse is not true.  If the Apache
> user id has unix-level perms to read something, then safe-mode very much
> affects whether the file can actually be read and this has everything to
> do with safe-mode.  That's what safe-mode is for.  It checks the owner of
> the file and compares it to the owner of the current script.  If the two
> don't match you get a safe-mode error and you can't read the file.

> [..]

> If /etc/* is owned by root and your php script is not owned by root, then
> unless you configured something terribly wrong, your script should not be
> able to read a root-owned file.

This is my fault, I was confused by readdir(), which isn't affected by
the safe_mode at all. I will write a bug report on this.

Kind Regards,
  Daniel Lorch
-- 
@echo "Hello, World";


