On Thu, 29 Sep 2011 21:57:52 -0500 Trey Dockendorf <treydock@xxxxxxxxx> wrote: > On Thu, Sep 29, 2011 at 9:35 PM, Lucian <lucian@xxxxxxxxxxx> wrote: > > > On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf <treydock@xxxxxxxxx> > > wrote: > > > I had a recent request to improve security on my web servers by having > > each > > > website use a different user to run the hosting service. > .... > > I'll give Suexec+fastcgi a look and mod_ruid. Thanks for those > suggestions Also check http://mpm-itk.sesse.net/ . It's neat in a sense that users don't have to fiddle with file permissions, but has a danger that a badly written php code gives attacker access to all files that $USER owns. -- Jure Pečar http://jure.pecar.org http://f5j.eu _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Apache security , Was: Running Apache sites as separate users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: Apache security , Was: Running Apache sites as separate users
- From: Jure Pečar <pegasus@xxxxxxxxxxx>
- Date: Mon, 3 Oct 2011 00:04:54 +0200
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <CAN0oX1Z+AxLcZv1F8aA2BW-jXwMdckt8THOCkxQPb938Nws7PQ@mail.gmail.com>
- Organization: Wierdos for a More Interesting Tommorrow
- References:
- Re: Apache security , Was: Running Apache sites as separate users
- From: Trey Dockendorf
- Re: Apache security , Was: Running Apache sites as separate users
- Prev by Date: Re: Tool to track files
- Next by Date: Re: Expunge Old Email
- Previous by thread: Re: Apache security , Was: Running Apache sites as separate users
- Next by thread: CentOS-announce Digest, Vol 79, Issue 11
- Index(es):
 |