The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP binarry....

Discussion in 'General Discussion' started by shaun, Jan 21, 2002.

  1. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Client wants me to add these lines to the httpd.conf file. Is this safe. From what he\'s telling me, this will allow him to compile his own php bin with stuff we dont already have compiled into ours. To me this sounds too much like it could be a security problem...

    > > AddHandler php-script php php3 phtml
    > > Action php-script /cgi-bin/php


    What do you guys think?
     
  2. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    Too risky.
    ..... if you give him permission/execution over that binary he\'ll be able to use alpha or beta modules that php.net churns out on the day they do it, creating potential security hazards for anyone on the machine that decides to summon these new modules.

    I\'m not even sure how/if you\'ll be able to syphon off his particular \"segment\" of the php environment so that others on the machine can\'t utilize his additions.

    A bit of a gray area I\'d say.....

    I wouldn\'t do it.

    :eek:
     
Loading...

Share This Page