H-Sphere Pre-Sales: Post your questions about H-Sphere plans here.
#1
Question for Bladesnitz re: PHP
My current host just switched PHP from running as Apache module to running as CGI and they enabled phpsuexec.
Are there any plans for Matrix to do the same (please say no)?
#2
No, running php as CGI would be a horrible thing to do.
#3
Kind of beats the point, doesn't it?
#4
Thanks
Yes it is a pain in the A$$ and that's why I am moving here today. Thanks Bladenitz!
#5
Duh !
I expect you won't be the only one leaving them
__________________
Regards to all
#6
for someone that is by no stretch an expert in php, apache or cgi -- why would a host choose to make such a move?
__________________
boot numlock
#7
They say they did it for security.
PHP as module writes ownership as nobody so in theory users/account holders could gain access to other account holders' data. They wanted to run phpsuexec which utilizes php as cgi so new things written have ownership of user. It also limits your permissions to a more restrictive level for php files. Not sure if my explanation is exactly right but you get the idea. Seems like a good sys admin should have a better way to make a secure environment.
#8
Of course PHP does not have a security record that I'd call stellar. I presume that that's their prime cause of concern. They're also pretty damn fast on the draw when it comes to patching bugs.
Since you'll find PHP running as user nobody (or www or httpd or whatever apache runs as), the potential for abuse concerns access control and race conditions rather than privilege escalation. The threat to system security is low. User data are more vulnerable than the system itself if an exploitable hole is found in PHP. We reckon that our userbase accepts that risk and trusts us to be on the ball and stay current. If you're going to run CGI, you might as well use Perl. PHP was designed to bypass the mess that CGI can sometimes be, and suexec of any flavour carries risks of its own and is an evil we prefer to do without as much as possible.
#9
I agree.
That's why I signed up here today. If the userbase consists of business oriented people then the risk is greatly reduced. If some idiot comes in, ban him and inform other hosting providers of this person.
#10
In the near future, we may be able to support Apache2, which lets HTTPD threads run under different user/groups. That's kinda like suexec for cgi, except it's for the basic httpd process - without a huge performance hit (in theory).
It's a really neat feature. Then only you and your httpd process have access to your files... as it stands now, I think you have to 777 dirs if you want php to be able to save there... Not quite sure
#11
Apache2 is rather nice, but will hsphere support the change anytime soon? As I remember, the config files are a bit different (at least when I used the early apache2 versions they differed a bit).
#12
Would that in any way fix the issue that exists today with disk allocations being wrong? Right now there seems to be a bit of an issue with files uploaded to the server via php scripts etc. because if done this way the file is then owned by HTTPD. H-Sphere calculates disk usage based on owner, so folks are able to exceed their disk allocations basically by just uploading files via script rather than FTP.
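
Added example, not part of the thread and not H-Sphere's code: a small audit for the two side effects of mod_php raised in posts #10 and #12, namely upload directories opened to mode 777 and files that end up owned by the web server user instead of the account holder. The function names and the sample tree are constructed for illustration; because files cannot be chowned without root, the sample treats the current uid as the owner of every file.

```python
import os
import stat
import tempfile
from collections import defaultdict


def audit_docroot(root, owner_uid):
    """Return (bytes_by_uid, foreign_bytes, world_writable_dirs) for root."""
    bytes_by_uid = defaultdict(int)
    world_writable = []
    for dirpath, _dirnames, filenames in os.walk(root):
        mode = os.lstat(dirpath).st_mode
        # o+w without the sticky bit: any local account, including the
        # web server user, can create, rename or delete entries here.
        if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
            world_writable.append(dirpath)
        for name in filenames:
            st = os.lstat(os.path.join(dirpath, name))
            if stat.S_ISREG(st.st_mode):
                bytes_by_uid[st.st_uid] += st.st_size
    # Bytes inside the account's tree that an owner-based quota would
    # charge to someone else (e.g. the httpd user).
    foreign = sum(n for uid, n in bytes_by_uid.items() if uid != owner_uid)
    return dict(bytes_by_uid), foreign, sorted(world_writable)


def build_sample_tree():
    """Constructed sample: one 100-byte file plus a 777 upload directory."""
    root = tempfile.mkdtemp(prefix="docroot-")
    with open(os.path.join(root, "index.php"), "wb") as f:
        f.write(b"x" * 100)
    uploads = os.path.join(root, "uploads")
    os.mkdir(uploads)
    os.chmod(uploads, 0o777)  # what a script-writable dir looks like
    with open(os.path.join(uploads, "photo.jpg"), "wb") as f:
        f.write(b"y" * 250)
    return root, uploads


if __name__ == "__main__":
    root, _ = build_sample_tree()
    me = os.getuid()
    # Pretend the account holder is a different uid, so every file in the
    # sample counts as "written by the web server".
    print(audit_docroot(root, me + 1))
```

On a real server, pass the account holder's uid and the account's document root; a non-zero foreign byte count is the usage an owner-based quota misses.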