On 02:01:19 Nov 17, Daniel Ouellet wrote: > > > This doesn't apply here because the library is pre-loaded before the > httpd is chrooted. > > More details: > > Pre-loading Shared Libraries > > To extend the functionality of the webserver it can dynamically load > shared libraries, e.g. a database access library. Shared libraries for a > binary program are normally loaded by the runtime linker when the > program is invoked (and thus before it can call the chroot system call). > Thus shared libraries like the mod_php PHP4 module, which is linked as a > shared library to the httpd program when it is started, impose no > problem. PHP4 will be available whether your httpd is started chrooted > or not because the shared library is loaded before the chroot() system > call is invoked. PHP4 itself, however, does dynamically load additional > functionality at runtime and as needed. If you try to access a > PostgreSQL function in PHP4 e.g. then it will fail in a chrooted httpd > because only the PHP4 module is dynamically linked to httpd but not the > PostgreSQL client library. The latter is loaded (mapped) to the running > httpd executable by PHP4. > > This was for php4 but also apply to php5 as the modules are loaded > before the chrooted take place. > > Hope this help this a little and to avoid users to run httpd with -u.
Thanks. ;) I did not know this. -Girish
