04-30-2012, 08:41 PM
|
|
LiteSpeed Staff
|
|
Join Date: Oct 2010
Posts: 2,389
|
|
Quote:
Originally Posted by QuantumNet
Okay well here is a question for you, I have been in a long discussion with Igor regarding suexec vs lsapi php security... Because we are using CageFS the user can only see their own files... but if you use suexec then and attacker can delete a customers site and or easily add malicious code to their files.
...
But isnt it true that LVE controls dont work in suexec mode? so wouldnt my above recommendation of CageFS +php lsapi work with LVE???
|
suEXEC needs to be enabled for CageFS to work. pls pm the steps to reproduce the issue so we can look into it. |