Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Is SuPHP really secure?

Discussion in 'General Discussion' started by trhosting.net, Oct 12, 2008.

  1. trhosting.net

    trhosting.net Well-Known Member

    Joined:
    Mar 7, 2006
    Messages:
    152
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Turkey
    It is always said that SuPHP is secure. But i don't know why.

    SuPHP is using php as cgi. So then it is possible for everyone to overwrite every value in php.ini.

    For example i set open_basedir for users and i don't want them to load any php extensions for security. But with SuPHP (php as cgi) anyone can put a local php.ini on his web page directory and bypass my security settings. Can load custom extensions and may abuse my server.

    So where is the SuPHP security?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. constantine

    constantine Active Member

    Joined:
    Apr 15, 2008
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    56
    any update ?
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice