PHP should NEVER have write access to or ownership of the files it executes, or the directories they reside in. It just takes one security vulnerability, and now you're phishing, hosting a reverse shell, spamming, participating in an outbound DoS, or otherwise compromised, because an attacker used PHP to write a malicious script into a place where it could be executed. #3 is the best solution, best implemented by changing the group of the upload directory to

My personal opinion is to never use a system-wide user such as I believe that each virtualhost should have its own separate home, separate tmp directory (for storing session files, etc), mail storage within the home and have a completely isolated environment (like a jail shell), with limited access to system resources. While I don't like some aspects of cPanel, I do agree with their security model and I use something similar in my own custom systems, for example:

home/virtualhost/etc/ (passwd, aliases, quota, etc)
home/virtualhost/public_html/ (web directory, with a www symbolic link)
home/virtualhost/mail (email storage for dovecot)

All apache and PHP execution runs as the user virtualhost and has strict limits via SELinux and PHP's open_basedir. This allows me to place very strict file permissions like 0600/0700 and my web application will work fine. This system also gives me several extra abilities, for example I can just move a /home/virtualhost/ directory to another server quite easily, or even have multiple home directories like /home1/ and /home2/ which may be stored on separate GlusterFS clusters. Overall, administration is much easier in the above structure than storing emails under /opt/Maildir/ and web files under /var/That is just my personal view, others prefer to do things differently.

I understand why some programs are set up that way. I've got feelers out on the forums for the software as well. But it seems almost unworkable for some software.