[webapps] PHP files owner
Jacek Konieczny
jajcus at jajcus.net
Wed Jun 13 09:19:10 CEST 2007
On Wed, Jun 13, 2007 at 01:52:01AM +0200, Tomasz Pala wrote:
> - PHP as CGI run via suexec - performance penalty, but the only one solution
> solving problem of inherited EUID for exec(), system() etc.
There is also another one, safe and easy solution: PHP running as
FastCGI, external to the web server. It is the natural solution for
lighttpd, but Apache doesn't seem to like FastCGI (there is not
mod_fastcgi included in Apache httpd sources).
FastCGI application (including PHP interpreter) may be running on
a different account or even a different server then the web server
process. It can also be started on demand, by the webserver, like
regular CGI, but once started it may server many requests. When FastCGI
application crashes it doesn't break the main webserver process (as
opposite to mod_* solutions).
IMHO the Apache's modules approach (mod_php, mod_python, mod_perl) is
broken by design (interpreter built into the server process cannot be
made multiuser and safe) and suexec and similar are only workarounds for
CGI limitations.
Maybe PLD could prepare some framework for running PHP applications via
FastCGI under Apache? But there still a problem similar to switching to
lighttpd: some people just want or need mod_php/Apache and we won't help
them by providing other, even better (in some ways) solution.
Greets,
Jacek
More information about the pld-devel-en
mailing list