[nycphp-talk] Pair Network's "security" model - could it be this bad?
Chris Shiflett
shiflett at php.net
Wed Jun 2 14:13:37 EDT 2004
--- Jayesh Sheth <jayeshsh at ceruleansky.com> wrote:
> - when you setup a domain, you can choose whether PHP scripts are
> run an apache module (aka "running as Apache") OR as CGI (aka
> "running as my user")
The CGI approach can definitely help, but only if you take advantage of
it. You must restrict access to sensitive scripts to your user, otherwise
there's no point.
> - scripts are disabled from reading outside of their domain-files
> directory (something is changed in PHP's configurationhere )
> ["open_basedir Restrictions in effect, file is in wrong directory"]
>
> - scripts cannot access external programs ["backticks (``), system(),
> exec(), passthru()" are disabled]
What kind of scripts? This sounds like it might be limited to PHP scripts.
Are the attackers you're worried about only proficient in PHP? This seems
unlikely to be always true.
> Please correct me if this seems incorrect.
Based on the email from Mark Armendariz, it sounds like this host might
use a chroot jail for each account, and each jail has its own Apache. This
is one of the most secure approaches, but shared servers are never going
to be as secure as dedicated ones. This is one of the tradeoffs.
Chris
=====
Chris Shiflett - http://shiflett.org/
PHP Security - O'Reilly
Coming Fall 2004
HTTP Developer's Handbook - Sams
http://httphandbook.org/
PHP Community Site
http://phpcommunity.org/
More information about the talk
mailing list