[BlueOnyx:08110] Re: suPHP

[Michael Stauber]

Hi Jeff,

> Had to go look at my old server, because I didn't remember the problem
> there... Sure enough, home is in the global basedir, so we MUST have had
> this conversation a couple years ago... LOL

Yeah, and somehow it recently got dropped from the GUI code again <sigh>. Am 
just releasing a fix.
 
> I hope that isn't too loose a setting... can sites cross boundaries?

If suPHP is enabled on all sites, then the ownerships will prevent that, as a 
suPHP enabled script can't snoop stuff that's owned by another UID/GID.

If there are sites where "just normal" PHP is enabled, then the more 
restrictive open_basedir settings in that site's siteX Apache config will 
restrict that they access anything else. 

So in theory this should be fine. In practical terms it could be better. Like 
if we had a setup where each suPHP enabled site had it's own php.ini. However, 
that's not that easy to set up and I've set that aside for a later time for 
now.

-- 
With best regards

Michael Stauber