[Solved] LiteSpeed, mod_lsapi, CloudLinux, opcache security setting?

#1
Does anyone know if this https://ma.ttias.be/mitigating-phps-long-standing-issue-opcache-leaking-sensitive-data/ is a current security issue with mod_lsapi as well and if these recommended settings should be made?

Thanks
Mark
 
Last edited by a moderator:

Pong

Well-Known Member
Staff member
#2
As the article states, it has been fixed by PHP. You can also try set value yourself in php.ini.
 
#3
Hi Pong

It does say that it is fixed IF the additional settings are made MANUALLY in the settings. Not with the default configuration.
Now - it seems like these settings may introduce some additional overhead into the system for each script call.
And so the question stays - is it necessary in a LiteSpeed, mod_lsapi, CloudLinux environment to make these settings or are the users somehow isolated by the way PHP is run in such an environment?
 
Top