Development

SymfonyPHPsuexec (diff)

You must first sign up to be able to contribute.

Changes between Version 11 and Version 12 of SymfonyPHPsuexec

Show
Ignore:
Author:
boutell (IP: 68.84.72.111)
Timestamp:
12/16/08 02:33:23 (8 years ago)
Comment:

Note on security

Legend:

Unmodified
Added
Removed
Modified
  • SymfonyPHPsuexec

    v11 v12  
    44== Note these permissions are only relevant to servers with PHPsuexec == 
    55This is because under PHPsuexec, the Apache service runs as the same user as the owner of the files.  Thus it has full access to them, as it is the same user.  If file permissions are set to to 600 on a different server, "permission denied" errors may result. 
     6 
     7== Security Issues == 
     8 
     9Following these steps is not enough to prevent Symfony from creating world writable PHP files in which other hosting customers could easily overwrite code and take over your site. Please read and understand [wiki:SharedHostingNotSecure Why Symfony is not safe in many shared hosting environments, a patch for some but not all shared hosts, and alternatives to shared hosting] before following this HOWTO. You will need to apply a patch to Symfony before you can safely use it in some suPHP environments. Others are safe because they do not allow other customers' files to be found at all via the file system. 
    610 
    711== How to tell if the shared server is running PHPsuexec ==