Re: [CentOS] Apache security , Was: Running Apache sites as separate users

2 Oct 2011


      On Thu, 29 Sep 2011 21:57:52 -0500
Trey Dockendorf treydock@gmail.com wrote:
...
On Thu, Sep 29, 2011 at 9:35 PM, Lucian lucian@lastdot.org wrote:
...
On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf treydock@gmail.com
wrote:
...
I had a recent request to improve security on my web servers by having
each
...
website use a different user to run the hosting service.
....
I'll give Suexec+fastcgi a look and mod_ruid.  Thanks for those
suggestions
Also check http://mpm-itk.sesse.net/ . It's neat in a sense that users
don't have to fiddle with file permissions, but has a danger that a badly
written php code gives attacker access to all files that $USER owns.
-- 

Jure Pečar
http://jure.pecar.org
http://f5j.eu

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] Apache security , Was: Running Apache sites as separate users