Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Prevent access shared server using PHP
- Date: Tue, 01 Mar 2011 20:19:00 -0600
- From: <pietro@example.com>
- Subject: Re: [tlug] Prevent access shared server using PHP
- References: <4D6D0A40.5000208@example.com> <4D6D96AA.9010004@example.com>
- User-agent: RoundCube Webmail/0.3.1
On Wed, 02 Mar 2011 10:00:26 +0900, Darren Cook <darren@example.com> wrote: > Will you use http://antitese.org/sshjail/ or something else? I found many solutions to obtain the same result. I'm still thinking which one to use. Any suggestions? The OS is CentOS. > Are you trying to prevent accidental access, or do you think your users > will be actively trying to hack? I cant say. I trust in some people but others will be completely strangers, so I have to be paranoid. > Setting open_basedir could stop some accidental stuff. > > There is suhosin: > http://www.hardened-php.net/suhosin/index.html Thanks I'll check this. In case it becomes too slow, if I have to rollback, I wonder how painful could it be. > P.S. The existence of suhosin is a better argument for PHP being > insecure (while also nicely quantifying the degree of the insecurity) > than any of the others I saw. ;-) Basically developers will deal with WordPress and some custom plugins. Cheers Pietro
- References:
- [tlug] Prevent access shared server using PHP
- From: Pietro Zuco
- Re: [tlug] Prevent access shared server using PHP
- From: Darren Cook
- [tlug] Prevent access shared server using PHP
- Prev by Date: Re: [tlug] Prevent access shared server using PHP
- Next by Date: Re: [tlug] Prevent access shared server using PHP
- Previous by thread: Re: [tlug] Prevent access shared server using PHP
- Next by thread: Re: [tlug] Prevent access shared server using PHP
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |