User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2
Christian Enqvist wrote:
We have a webserver with a couple of customers and they are all using
PHP. Does anyone have any good tips on how to secure PHP (this is when
you start flaming me for not being specific) or if we even have to
worry about it? We have replaced the PHP installation from Apple for
the one that Marc builds at Entropy because we needed support for GD
so this is somewhat of a more general question about OS X Server and
PHP vs Security.
While reading the above, keep in mind that a default OSX install comes
with one apache master process only, running as user/group www/www. So,
any PHP code will run as that same www/www too. In other words, if
customer A and customer B are allowed to put their own PHP code on your
server, either you trust A and B (and they trust each other), or you
have to take some provisions.
HTH,
Axel
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
