[php-maint] Suhosin patch yes or no for 5.4
ondrej at debian.org
Sun Jan 22 19:52:24 UTC 2012
I am saying that you can run cgi script under isolated account,
possibly in chroot,
so the danger is smaller.
On Sun, Jan 22, 2012 at 11:02, Thomas Goirand <thomas at goirand.fr> wrote:
> On 01/22/2012 05:59 PM, Ondřej Surý wrote:
>> maybe there's another option - keep it enabled/disabled per SAPI.
>> I was thinking - disable in SAPIs where you can have privilege separation
>> (e.g. fpm, cgi, cli) and keep it enabled where it's part of web server
>> (apache2, apache2filter).
> Are you saying that it has really no point to be used when using as a
> php5-cgi (I still don't have an answer to that one)?
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
Ondřej Surý <ondrej at sury.org>
More information about the pkg-php-maint