Surpass Web Hosting Forums - View Single Post

fhltang · April 20th, 2006, 8:26 AM

Hi,

I recently noticed that my surpass host has changed - now my php scripts run as me, rather than as user "apache". I presume this is a consequence of "phpsuexec" that I read about in these forums.

The impression I get is that phpsuexec is supposed to make things more secure.

However, my concern now is how do I use filesystem permissions to restrict permissions to my files? In the past, I just gave files perms 644 or 755, and since the php scripts run as "apache", they can only read and not write to those files.

With phpsuexec, how do I stop php scripts from potentially writing to my files? How do make sure a vulnerability in a php application won't blow out my mail folders in $HOME/mail ?

How do I disable phpsuexec?

Thanks.

Francis.

April 20th, 2006, 8:26 AM	#1 (permalink)
fhltang Registered User Fresh Surpasser Joined in May 2005 8 posts Gave thanks: 0 Thanked 0 times	how do I disable phpsuexec? Hi, I recently noticed that my surpass host has changed - now my php scripts run as me, rather than as user "apache". I presume this is a consequence of "phpsuexec" that I read about in these forums. The impression I get is that phpsuexec is supposed to make things more secure. However, my concern now is how do I use filesystem permissions to restrict permissions to my files? In the past, I just gave files perms 644 or 755, and since the php scripts run as "apache", they can only read and not write to those files. With phpsuexec, how do I stop php scripts from potentially writing to my files? How do make sure a vulnerability in a php application won't blow out my mail folders in $HOME/mail ? How do I disable phpsuexec? Thanks. Francis.