Hi! On Fri, 17 Mar 2006 08:24:51 -0400 Miles Thompson wrote: > > Thanks Edwin. I guess it was too late and I couldn't formulate > a proper search expression. > > I'd like to hear Chris Shiflet's opinion on the security advantages > of running PHP5 as CGI. That'd be nice. But as somebody pointed out earlier, one of the advantages is that PHP can run as another user instead of as the apache user. (Of course, it's still considered rather slooow though.) Anyway, there are some more info here: http://www.php.net/manual/en/security.cgi-bin.php > Why, after years of running PHP as an > Apache module, the sudden conversion to CGI operation? Remember, Miles, *your* $Web_Hosting_Company decides (or better yet, *you* decide) whether PHP5 should run as CGI or as an apache module. ;-) > I've noticed occasional references of PHP5 "having issues" > with CPanel. I think it was also pointed earlier (somewhere) that it's the other way around. :-) > Is it simply easier for ISPs, given the intense competitive > cost pressures they are under, to not wrestle with these > issues, but to say "Here it is as a CGI if you want it." I really have no idea (read: lazy to check now ;-) ) what "CPanel" is. If it is a program written in PHP (4?), they could just "fix" it to work with PHP5 -- CGI mode or not. > Regards - Miles Thompson Regards, - Edwin - -- "The showing of partiality is not good, nor that an able-bodied man should transgress over a mere piece of bread." - Proverbs 28:21 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
