Date: Thu, 29 Apr 2004 16:16:04 -0400 From: Marty Landman <MLandman@face2interface.com> To: Mikkel Christensen <mikkel@talkactive.net>, freebsd-questions@freebsd.org Subject: Re: Suexec with Apache 1.3.29 Message-ID: <6.0.0.22.0.20040429160121.136e6220@pop.face2interface.com> In-Reply-To: <200404291954.04559.mikkel@talkactive.net> References: <200404262126.36157.mikkel@talkactive.net> <200404291713.13999.mikkel@talkactive.net> <6.0.0.22.0.20040429140657.11cf1120@pop.face2interface.com> <200404291954.04559.mikkel@talkactive.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 03:54 PM 4/29/2004, Mikkel Christensen wrote: >But lets face it, if you have many users on your webserver some will do so >occasionally (eg. many users take advantage og fora like PHPBB and PHPNuke >which stores the database password in cleartext). And when they do you >will have to deal with the mess as the administrator. I don't know those in particular though I've heard of them. Am more a developer than sysadmin. Unfortunately stuff happens. PHP isn't going to run under suexec though so how is this relevant? >Also the problem when running a webserver with many users you don't know >is to get them to use the right permissions. Hmm, people very commonly drive cars which have precise rules for driving, and rules of the road for driving in community. Yet we don't witness accidents every hour at every intersection. Why? IMO it's because the average person has a healthy sense of survival and the intelligence to learn reasonable care. Of course bad drivers have burdensome insurance costs to weight against their poor driving records. What incentive/education do bad hosting customers have? >All this suexec does no good if the users apply chmod 777 (and trust me >some do!) to all their files:( I'd argue that the web, like driving, isn't for everyone. /It is/ for everyone willing to learn and apply the rules of the road. People have been sold the concept that they can get cheap or free hosting, cheap or free web design (perhaps by a niece or friend's computer genius kid) and make $$ sitting at home checking their email. This has led to cheap computers with often horrendous technical support and minimal QA at the factory, ridiculously simple minded security holes at gazzillions of urls, and a relatively small percentage of decently made and easy to use sites, with an even smaller percentage making at least a little bit of money. Sorry for the rant. :) Marty Marty Landman Face 2 Interface Inc. 845-679-9387 Web Installed Formmailer: http://face2interface.com/Products/Formal.shtml FormATable DB: http://face2interface.com/Products/FormATable.shtml Make a Website: http://face2interface.com/Home/Demo.shtml
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.0.20040429160121.136e6220>