Mailing Lists: Apple Mailing Lists


Re: Securing PHP?



At 10:19 AM +0100 1/6/06, Axel Luttgens wrote:
Christian Enqvist wrote:

We have a webserver with a couple of customers and they are all using
PHP. Does anyone have any good tips on how to secure PHP (this is when
you start flaming me for not being specific) or if we even have to
worry about it? We have replaced the PHP installation from Apple for
the one that Marc builds at Entropy because we needed support for GD
so this is somewhat of a more general question about OS X Server and
PHP vs Security.

10.3.9 server and PHP 4.3.11.

You could have a look at:

   <http://www.php.net/manual/en/security.php>

While reading the above, keep in mind that a default OSX install comes with one apache master process only, running as user/group www/www. So, any PHP code will run as that same www/www too. In other words, if customer A and customer B are allowed to put their own PHP code on your server, either you trust A and B (and they trust each other), or you have to take some provisions.

There are ways of mitigating this issue, by using basedir's for instance.

--

-dhan

------------------------------------------------------------------------
Dan Shoop                                                   AIM: iWiring
Systems & Networks Architect                     http://www.iwiring.net/
email@hidden                                 http://www.ustsvs.com/
1-646-217-4725

pgp key fingerprint: FAC0 9434 B5A5 24A8 D0AF  12B1 7840 3BE7 3736 DE0B

iWiring provides systems and networks support for Mac OS X, unix, and
Open Source application technologies at affordable rates.
References: 
 >Securing PHP? (From: Christian Enqvist <email@hidden>)
 >Re: Securing PHP? (From: Axel Luttgens <email@hidden>)
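An added example, not part of the thread or written by its participants: a short Python audit that checks each Apache virtual host for the basedir mitigation mentioned above, assuming it refers to PHP's `open_basedir` setting applied per customer with `php_admin_value`. The hostnames, paths, sample configuration and function names are constructed for illustration.

```python
import re

# Constructed httpd.conf excerpt; hostnames and paths are hypothetical.
SAMPLE_CONF = """
<VirtualHost *:80>
    ServerName customer-a.example
    DocumentRoot /Library/WebServer/customers/a
    php_admin_value open_basedir /Library/WebServer/customers/a/:/tmp/php-a/
</VirtualHost>
<VirtualHost *:80>
    ServerName customer-b.example
    DocumentRoot /Library/WebServer/customers/b
    php_admin_value open_basedir /Library/WebServer/customers
</VirtualHost>
<VirtualHost *:80>
    ServerName customer-c.example
    DocumentRoot /Library/WebServer/customers/c
</VirtualHost>
"""

VHOST = re.compile(r"<VirtualHost[^>]*>(.*?)</VirtualHost>", re.S | re.I)

def directive(body, name):
    """Return the first value of a one-argument directive, or None."""
    m = re.search(r"^[ \t]*" + name + r"[ \t]+(\S+)[ \t]*$", body, re.M | re.I)
    return m.group(1).strip('"') if m else None

def audit(conf):
    """Map each vhost's ServerName to a list of open_basedir findings."""
    report = {}
    for body in VHOST.findall(conf):
        name = directive(body, "ServerName") or "(unnamed)"
        root = (directive(body, "DocumentRoot") or "").rstrip("/")
        basedir = directive(body, r"php_admin_value[ \t]+open_basedir")
        findings = []
        if basedir is None:
            findings.append("no open_basedir: PHP can open any file www/www can")
        for entry in (basedir or "").split(":"):
            if entry and not entry.endswith("/"):
                # PHP 4.x compares by string prefix unless the entry ends in "/"
                findings.append("prefix match, add trailing slash: " + entry)
            if entry and root.startswith(entry.rstrip("/") + "/"):
                findings.append("covers a parent of DocumentRoot: " + entry)
        report[name] = findings
    return report

if __name__ == "__main__":
    for host, findings in audit(SAMPLE_CONF).items():
        print(host, "OK" if not findings else findings)
```

`open_basedir` only constrains PHP's own file functions; every customer's code still executes as www/www.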


