[php-maint] Suhosin patch yes or no for 5.4
Ondřej Surý
ondrej at debian.org
Sun Jan 22 19:52:24 UTC 2012
I am saying that you can run cgi script under isolated account,
possibly in chroot,
so the danger is smaller.
O.
On Sun, Jan 22, 2012 at 11:02, Thomas Goirand <thomas at goirand.fr> wrote:
> On 01/22/2012 05:59 PM, Ondřej Surý wrote:
>> Hi,
>>
>> maybe there's another option - keep it enabled/disabled per SAPI.
>>
>> I was thinking - disable in SAPIs where you can have privilege separation
>> (e.g. fpm, cgi, cli) and keep it enabled where it's part of web server
>> (apache2, apache2filter).
>>
>> O.
>
> Are you saying that it has really no point to be used when using as a
> php5-cgi (I still don't have an answer to that one)?
>
> Thomas
>
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint
--
Ondřej Surý <ondrej at sury.org>
http://blog.rfc1925.org/
More information about the pkg-php-maint
mailing list