1 |
> Yes, the patch is here |
2 |
> http://mega.ist.utl.pt/~miguel/code/suexec+php.diff |
3 |
> |
4 |
> but just looking through the several errors in the comments and the general |
5 |
> hackish attitude in the code, I wouldn't recomend using it on production |
6 |
> servers without further auditing. |
7 |
|
8 |
you are right, it is a hack. and he probably wasn't too careful with comments, |
9 |
but as you also noticed it is as trivial as it gets. |
10 |
|
11 |
> Is this patch submitted to the apache team? |
12 |
|
13 |
not that I know of. |
14 |
|
15 |
> It looks simple enough, but as it is in a vital security area (suexec) it |
16 |
> may bring big surprises later. |
17 |
|
18 |
that's the right attitude. all I can say is that has been used for about 16 |
19 |
months in a solaris 7 server with about 8000 users with mod_userdir for |
20 |
hosting personal homepages. |
21 |
|
22 |
Cheers, |
23 |
-- |
24 |
|
25 |
Pedro João Lopes Venda |
26 |
email: pjvenda at pjvenda org |
27 |
http://www.pjvenda.org |