SLUG Mailing List Archives
Re: [SLUG] Re: CGI
- To: Angus Lees <gusl@xxxxxxxxxxxxxxx>
- Subject: Re: [SLUG] Re: CGI
- From: Graeme Merrall <graeme@xxxxxxxxxxxxx>
- Date: Fri Jul 14 22:03:31 2000
- Cc: slug@xxxxxxxxxxx
- Organization: Inetix E-Commerce
> how well does stuff built into the web server (like php) cope with
> virtual hosting? (ie: can one php script read files from another
> virtually hosted php user)
Well I can't offer an opinion for the CGI binary but just as you can't
access HTML files across virtual hosts, the same goes for PHP files.
One of the security features of the PHP CGI is discarding path
information so files outside of the web tree can't be accessed via the
PHP CGI. There's more to it than that as normally you can't do it anyway
but it offers an extra level of protection.
Additionally, PHP has settigns to control max execution time and memory
limits to prevent it from hogging resources.
I'm sure there are similar settings for mod_perl. Nothing like a
never-ending loop for server fun :)