When utilizing the PHP installation on a webserver, php runs as the user (uname ) and it does not need the execute flag to be enabled. The issue on it is that, if mod_openbasedir is not installed, every user will be capable to read your php files. The reason is that everybody virtually sharing the same username (uname).
probably you know that the PHP Files are not meant to be read, but parsed, and that is where the issue resides. PHP Files have to be parsed, else each person who is capable to read your php file will find settings that you would probably want to keep private, like your MySQL username and password. PHPSUEXEC stabilize all these, the reason is that, it requires php to be run as the file owner's username (for example: Jhon).
This is not everything it stabilize though. PHPSUEXEC is also here to stabilize file ownership issues. It has been an usual issue on a few CMS like, Joomla, WordPress. It also include security to your files as you can utilize permissions such as 600 or 700 in your files and your visitors will still be capable to find them (parsed) in their browsers. PHPSUEXEC will also refuse to serve any pages which are at security risk, for example with 777 as permissions. (will generate an Internal Server Error)
__________________
This is YOUR forum help us keep it clean. 
|
06-20-11, 04:56
Linear Mode
