Solution to Shared Hosted Servers with mod_php?

Hi,

On a shared server with PHP compiled as a module, we have a security problem, which is that a user can write malicious code to either snoop around other customers' directories or hack the system, since the script is being run as apache (nobody) instead of the customer's own user ID. SuEXEC only solves the PHP CGI, but not the PHP module. safe_mode or open_basedir is not the ultimate solution either.

Recently I came across a site whose developer claims that the patch he developed solves this problem.

http://luxik.cdi.cz/~devik/apache/

Has anyone ever come across this site? Or could any experts out there evaluate and test the code? If it does what it claims and is stable enough, I can't see why we shouldn't use this.

Later
Joe
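
An added example, not part of the original post or the linked patch: a small audit that lists which files under a customer's directory the shared web server account (the "nobody" user mentioned above) can read or write, which is the exposure that exists when every customer's PHP runs under that one account. The function names and the command-line arguments are assumptions made for this illustration.

```python
import os
import stat

def access_bits(st, uid, gids):
    """Classic Unix check: return the rwx triple (0-7) that applies to uid."""
    mode = stat.S_IMODE(st.st_mode)
    if st.st_uid == uid:
        return (mode >> 6) & 7      # owner bits
    if st.st_gid in gids:
        return (mode >> 3) & 7      # group bits
    return mode & 7                 # "other" bits

def exposed_to_web_user(root, web_uid, web_gids):
    """List (relative path, access) for regular files under root that the
    web server account can read or write. Directories that account cannot
    search (no x bit) are pruned, since nothing below them is reachable.
    The permissions of root itself and its parents are not checked."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        reachable = []
        for d in dirnames:
            st = os.lstat(os.path.join(dirpath, d))
            # Symlinks are skipped: lstat reports them as links, not dirs.
            if stat.S_ISDIR(st.st_mode) and access_bits(st, web_uid, web_gids) & 1:
                reachable.append(d)
        dirnames[:] = reachable     # in-place edit makes os.walk skip the rest
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue
            bits = access_bits(st, web_uid, web_gids)
            if bits & 6:            # readable and/or writable
                access = ("r" if bits & 4 else "-") + ("w" if bits & 2 else "-")
                findings.append((os.path.relpath(path, root), access))
    return sorted(findings)

if __name__ == "__main__":
    import pwd
    import sys
    # Usage (assumed): script.py <customer docroot> [web server account]
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    web = pwd.getpwnam(sys.argv[2] if len(sys.argv) > 2 else "nobody")
    gids = set(os.getgrouplist(web.pw_name, web.pw_gid))
    for path, access in exposed_to_web_user(root, web.pw_uid, gids):
        print(access, path)
```

Files reported with "w" can be modified by any other customer's script running under the same account; files reported with "r" (configuration files holding database passwords, for instance) can be read by them.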
