[pkg-lighttpd] Bug#573320: lighttpd: Don't run Lighttpd as www-data
md at Linux.IT
Wed Mar 17 18:23:55 UTC 2010
On Mar 10, Olaf van der Spek <OlafvdSpek at GMail.Com> wrote:
> Would it be possible to start FastCGI processes via spawn-fcgi and to run Lighttpd as another user than www-data (maybe user lighttpd)?
> I think this improves security as FastCGI processes can no longer touch Lighttpd (and it's log files).
I believe that the correct solution would be to start the FastCGI
processes as a different user (or multiple different users, e.g. one per
web site or site component).
This would not require changing the lighttpd default configuration.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: Digital signature
More information about the pkg-lighttpd-maintainers