FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 10-02-2011, 10:04 PM
Jure Pečar
 
Default Apache security , Was: Running Apache sites as separate users

On Thu, 29 Sep 2011 21:57:52 -0500
Trey Dockendorf <treydock@gmail.com> wrote:

> On Thu, Sep 29, 2011 at 9:35 PM, Lucian <lucian@lastdot.org> wrote:
>
> > On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf <treydock@gmail.com>
> > wrote:
> > > I had a recent request to improve security on my web servers by having
> > each
> > > website use a different user to run the hosting service.
> ....
>
> I'll give Suexec+fastcgi a look and mod_ruid. Thanks for those
> suggestions

Also check http://mpm-itk.sesse.net/ . It's neat in a sense that users
don't have to fiddle with file permissions, but has a danger that a badly
written php code gives attacker access to all files that $USER owns.



--

Jure Pečar
http://jure.pecar.org
http://f5j.eu
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:33 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org