Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Prevent access shared server using PHP



On Wed, 02 Mar 2011 10:00:26 +0900, Darren Cook <darren@example.com> wrote:

> Will you use http://antitese.org/sshjail/ or something else?

I found many solutions to obtain the same result. I'm still thinking which
one to use.
Any suggestions? The OS is CentOS.

> Are you trying to prevent accidental access, or do you think your users
> will be actively trying to hack?

I cant say. I trust in some people but others will be completely
strangers, so I have to be paranoid.

> Setting open_basedir could stop some accidental stuff.
> 
> There is suhosin:
>  http://www.hardened-php.net/suhosin/index.html

Thanks I'll check this.
In case it becomes too slow, if I have to rollback, I wonder how painful
could it be. 

> P.S. The existence of suhosin is a better argument for PHP being
> insecure (while also nicely quantifying the degree of the insecurity)
> than any of the others I saw. ;-)

Basically developers will deal with WordPress and some custom plugins.

Cheers

Pietro


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links