suPHP
If I enable suPHP while rebuilding PHP and Apache using easyapache, what are the chances of the existing PHP applications breaking? We are also using Fantastico. Is there any chance of any application built using Fantastico getting broken? I really want to know what problems I may face if I decide to enable suPHP.
Permissions, permissions, permissions. .htaccess - But mostly permissions.
Did I mention permissions?
When moving from DSO (mod_php) to SuPHP - the biggest factor in applications breaking is permissions on files/directories.
SuPHP will not execute code on a file that has to high permissions (like 777). All your files and directories should be reset to their default. Yes, SuPHP still can write to a file/directory that has standard permissions.
Hurray for executing code as the user!
.htaccess - SuPHP does not allow .htaccess files to set variables for PHP like it once did.
Previously you may have had things like php_flag register_globals on in your .htaccess file. This will stop any code from running.
Any php flag must now be set in a php.ini file in the SAME directory as the executing code.
register_globals = on
is the new syntax you'll be using.
Also note, you should do some research on people using php.ini files in their own directory - as if it's there - your global php.ini file is ignored. There are many workarounds/fixes/solutions/ideas about this particular "feature", search the forums for SuPHP + php.ini.
Hope this helps.
(Oh, and er, permissions)
Do you mean, we can put custom php.ini files in each user's public_html directory so that he can have his own PHP permissions instead of the global php.ini? If a user has done some settings in the .htaccess directory, will he be supposed to do the same in the custom php.ini file?
With suPHP you can NOT have php flags in the .htaccess files.
Each site that needs custom php config will have to have its own php.ini in its public_html folder.
And as Darren said
suPHP will NOT allow 0777 files or directories to execute.Permissions, permissions, permissions. .htaccess - But mostly permissions
LinkBack URL
About LinkBacks
Reply With Quote