[users@httpd] Security APACHE, PHP and CGI
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
We have a site with several subdomains hosted, but the webmasters of these
subdomains are not allowed to use their own CGI nor PHP.
The box runs under Fedora with Apache 1.3, and webmasters of subdomains are
not users of the OS, they share the account of a user (the owner of the main
domain where subdomains are hosted).
I would like to offer php and cgi support, but I am worried about security.
I know that PHP can be configured in secure mofe and that we can control
access to directories.
But CGI is too powerful, and a CGI program can access a lot of files in the
server.
suExec is not a solution, because webmasters could access files in other
subdomains (they share the same account).
Is there any solution to host subdomains with php and cgi without compromise
server and subdomains security?
thanks
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]