Hi I want to get best PHP security.
WHM/CPanel
What settings?
Only from home dir?
We use XCache, I want it and realpath to perform good. Is that secure? can other php people read others real path cache in memory (dont think so each process is owned separaetly?)
What functions shall I disable? I like top output and such for clients BUT, I'd prefer the usernames removed (They might be if i recall cpanel makes it nobody; but for php it shows) anyway to change PHP's shell or somthing?, anyway to only allow that and uptime and such?
Also on 4.1, hopefully it can be answered without another topic.
RC3- PHP 5.2 executes as nobody, tried playing with everything, suexec etc etc etc, same as 4.0, set it to not suexec, set to to suexec, reinstalled. What?
WHM/CPanel
What settings?
Only from home dir?
We use XCache, I want it and realpath to perform good. Is that secure? can other php people read others real path cache in memory (dont think so each process is owned separaetly?)
What functions shall I disable? I like top output and such for clients BUT, I'd prefer the usernames removed (They might be if i recall cpanel makes it nobody; but for php it shows) anyway to change PHP's shell or somthing?, anyway to only allow that and uptime and such?
Also on 4.1, hopefully it can be answered without another topic.
RC3- PHP 5.2 executes as nobody, tried playing with everything, suexec etc etc etc, same as 4.0, set it to not suexec, set to to suexec, reinstalled. What?