Re: shared hosts and MP2 security

2004-12-24 Thread Perrin Harkins
Nick *** wrote: PHP workarounds this problem with the OPEN_BASEDIR directive (http://www.php.net/manual/en/features.safe-mode.php). In addition to what Markus said, I would point out that many mass-hosters just run PHP through CGI because it's the only way to get real security. There is a fair a

Re: shared hosts and MP2 security

2004-12-24 Thread Nick ***
>BTW, please wrap your paragraphs to max 80 characters, unfortunately many >email clients still can't properly wrap longer lines at display or quote time. Didn't know that. Sorry. > >> PHP workarounds this problem with the OPEN_BASEDIR directive. I don't know >> how secure this is, but it

Re: shared hosts and MP2 security

2004-12-24 Thread Markus Wichitill
BTW, please wrap your paragraphs to max 80 characters, unfortunately many email clients still can't properly wrap longer lines at display or quote time. PHP workarounds this problem with the OPEN_BASEDIR directive. I don't know how secure this is, but it seems it works No it doesn't. As I wrote,

Re: shared hosts and MP2 security

2004-12-24 Thread Nick ***
> Оригинално писмо >От: Stas Bekman <[EMAIL PROTECTED]> >Относно: Re: shared hosts and MP2 security >До: Markus Wichitill <[EMAIL PROTECTED]> >Изпратено на: Четвъвтък, 2004, Декември 23 23:09:20 EET >-- >

Re: shared hosts and MP2 security

2004-12-23 Thread Stas Bekman
Markus Wichitill wrote: Stas Bekman wrote: Markus Wichitill wrote: There's also the metux MPM project which was meant to replace the perchild MPM, but that project seems to be mostly dead, too. No fear, there is Metux MPM http://www.metux.de/mpm/en/ which should do the same and better. I haven't

Re: shared hosts and MP2 security

2004-12-23 Thread Markus Wichitill
Stas Bekman wrote: Markus Wichitill wrote: There's also the metux MPM project which was meant to replace the perchild MPM, but that project seems to be mostly dead, too. No fear, there is Metux MPM http://www.metux.de/mpm/en/ which should do the same and better. I haven't tried it myself, but it

Re: shared hosts and MP2 security

2004-12-23 Thread Stas Bekman
Nick *** wrote: Let's assume that I have a web server with 50 virtual hosts. This web server is apache2 running as user nobody and has php installed. I've set php's OPEN_BASEDIR option for every VHost, so I can restrict the users' IO access outside their directories. Now I want to install MP2 on

Re: shared hosts and MP2 security

2004-12-23 Thread Stas Bekman
Markus Wichitill wrote: Nick *** wrote: Let's assume that I have a web server with 50 virtual hosts. This web server is apache2 running as user nobody and has php installed. I've set php's OPEN_BASEDIR option for every VHost, so I can restrict the users' IO access outside their directories. Now

Re: shared hosts and MP2 security

2004-12-23 Thread Markus Wichitill
Nick *** wrote: Let's assume that I have a web server with 50 virtual hosts. This web server is apache2 running as user nobody and has php installed. I've set php's OPEN_BASEDIR option for every VHost, so I can restrict the users' IO access outside their directories. Now I want to install MP2 on th

shared hosts and MP2 security

2004-12-23 Thread Nick ***
Let's assume that I have a web server with 50 virtual hosts. This web server is apache2 running as user nobody and has php installed. I've set php's OPEN_BASEDIR option for every VHost, so I can restrict the users' IO access outside their directories. Now I want to install MP2 on the same server