• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

suPHP or alternatives

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux

View previous topic :: View next topic  
Author Message
scooter77
Just Arrived
Just Arrived


Joined: 20 Apr 2009
Posts: 0


Offline

PostPosted: Mon Apr 20, 2009 1:07 pm    Post subject: suPHP or alternatives Reply with quote

I'm setting up a Linux web server that's running Apache 2.2 and PHP 5. There are several PHP apps and more might be installed later. Some of these apps have their MySQL databases, which I would really like to protect. The passwords database for those, of course, have to be stored in config files readable by PHP.

I'm concerned that a vulnerability might be discovered in one of the other apps that would allow an attacker to execute arbitrary PHP code. Most of the apps are not security-critical themselves, but if all the apps are running under the same identity then the attacker could access all the databases and the entire system is compromised.

I'd like to, as much as possible, limit any compromise to the application that was compromised. suPHP seems like the thing that can do that, but I've had no personal experience with it. From what I've read it hurts performance pretty badly (compared to mod_php). Could anyone offer any advice, preferably based on experience, on whether it works well and what other problems it might bring? Are there any alternatives to it? mod-itk seemed promising, but as far as I can see that only works on a vhost level, not on a directory level as I need.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register