Migration from mod_ruid2 to DSO only and public file permission

[Archmactrix]

Using DSO and mod_ruid2 has been going rather well the last year. But when using mod_ruid2, it restricts me too much from choices I can make when wanting to experiment with other modules, so I've been thinking about stop using mod_ruid2.

1. If I stop using mod_ruid2 on my server, how will it affect the file permissions in the public directory when using DSO only, do I need to adjust the file permissions, like setting it to 777, to make files writable when needed, or is there a way to make it unnecessary?

2. It's my understanding, and correct me if I'm wrong, when using DSO on a server for only one user, it has less security implications than using it on a multi user server?

 

[cPanelMichael]

1. If I stop using mod_ruid2 on my server, how will it affect the file permissions in the public directory when using DSO only, do I need to adjust the file permissions, like setting it to 777, to make files writable when needed, or is there a way to make it unnecessary?

This depends on the specific scripts that you have installed. Some scripts may require files/directories with 777 permissions with DSO, which can be insecure.

2. It's my understanding, and correct me if I'm wrong, when using DSO on a server for only one user, it has less security implications than using it on a multi user server?

There is some truth there because it's easier to distinguish which account is responsible for the PHP "nobody" processes, but it does not change the insecure permissions that are sometimes required for scripts to work with DSO.

Thank you.