Quote:
Originally Posted by flashweb
Only very few clients need custom php.ini, for them just copy php.ini to their folder. Disadvantage is they can do whatever they need, for example if you have some functions disabled on your server for security, user can enable them. They get full control can create security problem.
|
What you describe is the custom configuration for the old phpSuExec mode.
This problem does not exist if you run your PHP as SuPHP!
PHP overrides are restricted to PHP.INI file only and any custom PHP.INI
files are specified in the HTTPD.CONF and their locations and the files
themselves need not be user accessible.