We are evaluating whether it is possible to deploy Symfony on a shared hosting server in a reasonably safe manner.
So far my impression is that it can't really be done in a typical shared hosting environment. This is because Symfony needs to write to the cache folder, and the cache folder must be writable by "nobody." And our user account on the shared hosting server can only grant that permission by making the cache folder world writable. Since the cache folder is mapped into web server space and is visible in file system space to all of the other hosting customers on the box, this means that any customer on the box can simply modify the PHP files there to do whatever they'd like and then access our potential client's site in order to invoke them. Boom... we're pwn3d. (: There is a newer technique for executing PHP scripts called suPHP which allows PHP scripts to be invoked as the owner rather than as nobody, however this involves the overhead of running PHP as CGI and most shared hosting companies just don't offer it. * * * "World-writable" seems to be only part of the problem. "World-readable" is the other half. Some PHP applications avoid the filesystem entirely, relying entirely on the database. But your database password has to live in a PHP file somewhere, and that file has to be readable by nobody... which means that anyone else on the shared hosting server can get into your database and do whatever they darn well please. * * * Therefore my conclusion, so far, is that running Symfony on a shared host is not a safe choice, but that's probably true for pretty much any PHP site - Symfony based or otherwise. If you want to be even remotely safe, you must either use (1) suPHP or some other setup where PHP or all of Apache runs "as you," (2) a virtual machine (you have root and no one else can see your file system at all), or (3) a dedicated physical machine. This is so unpleasant, it seems like it must be overstating the case. Many reputable providers (pair.com, for instance) provide many tiers of shared hosting plans with increased features at each level, etc. etc. Can it really be true that it's all completely unsafe from the get-go? Or am I missing something? Thanks for your input folks! -- Tom Boutell www.punkave.com www.boutell.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
