[BlueOnyx:00093] Re: Various issues wirh BlueOnyx

Tom Müller-Kortkamp tmueko at kommunity.net
Fri Jan 9 12:45:32 -05 2009 

Am 09.01.2009 um 15:43 schrieb Michael Stauber:
>> In "Software Updates"
>> Warning: file_get_contents(/tmp/yum.check-update) [function.file-get-
>> contents]: failed to open stream: Permission denied in /usr/ 
>> sausalito/
>> ui/web/base/swupdate/yum.php
>
> Meh. I though I had fixed that already. Do a "rm /tmp/yum.check- 
> update" for
> now to get rid of that. I'll give that code another touch up.
right, now permissions are 444

>> MySQL ist passworded.
>> I created a virual site with a user; I logged in as that user and
>> created a MySQL-DB (with mysql disabled for that site).
>> After that i created a second site with one user, logged in as that
>> user and deleted the MySQL-DB from the first user?¿?¿
>
> Huh? I'm not sure if I understood that correctly, Tom. That user  
> shouldn't
> have permissions to delete another users MySQL database. Unless you  
> gave that
> permission to the user to begin with, which wouldn't be that smart.  
> I will
> look into this, of course.
Not even the site had a DB nor had the user any privileges (no  
siteadmin). Just a simple user who logged in on the Web-Interface....

the user "root" has a .my.conf Files with the DB-Password in the  
[client] section?¿

>
>
>> And mod-php instead of fcgid and suexec for php
>
> Performance reasons. fcgi or suexec is abysmally slower than  
> mod_php. Like
> factor 6-8x slower. So personally I consider that kind of  
> performance hit a
> no-go area.
>
> Sure, fcgi or suexec alone already make PHP quite a chunk more  
> secure than
> mod_php, but on the other hand: The PHP security features that we  
> added
> should also take care of things very nicely.

my experience is, that with mod_fcgid I take a little longer the first  
time to load, but execution-time is nearly the same...

Your changes for systemwide- and sidewide php-settings are great, no  
argument about that.

But I like the idea that every site has its own user: Upload as  
siteadmin1 and run php as user "apache" results in files and directory  
with 666 oder 777 (the normal stupid user sets x even on normal  
documents)

The guys from typo3 think, that fcgid is even fast as mod_php

http://typo3.org/development/articles/using-php-with-mod-fcgid/page/2/
The thing about the mpm-worker is a very important argument in times  
of 8-way and more computers


just my zwo cent ... now its weekend (thank god its friday:-P)


Tom Müller-Kortkamp

More information about the Blueonyx mailing list