[CentOS] Apache security , Was: Running Apache sites as separate users

Sun Oct 2 22:04:54 UTC 2011
Jure Pečar <pegasus at nerv.eu.org>

On Thu, 29 Sep 2011 21:57:52 -0500
Trey Dockendorf <treydock at gmail.com> wrote:

> On Thu, Sep 29, 2011 at 9:35 PM, Lucian <lucian at lastdot.org> wrote:
> 
> > On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf <treydock at gmail.com>
> > wrote:
> > > I had a recent request to improve security on my web servers by having
> > each
> > > website use a different user to run the hosting service.  
> ....
> 
> I'll give Suexec+fastcgi a look and mod_ruid.  Thanks for those
> suggestions

Also check http://mpm-itk.sesse.net/ . It's neat in a sense that users
don't have to fiddle with file permissions, but has a danger that a badly
written php code gives attacker access to all files that $USER owns.



-- 

Jure Pečar
http://jure.pecar.org
http://f5j.eu