From owner-freebsd-questions@FreeBSD.ORG  Sat Oct  8 00:52:22 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@FreeBSD.org
Delivered-To: freebsd-questions@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ED6EB16A41F
	for <freebsd-questions@FreeBSD.org>;
	Sat,  8 Oct 2005 00:52:22 +0000 (GMT)
	(envelope-from lists@servingpeace.com)
Received: from smtp.servingpeace.com (servingpeace.com [69.55.225.16])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B5CD543D45
	for <freebsd-questions@FreeBSD.org>;
	Sat,  8 Oct 2005 00:52:22 +0000 (GMT)
	(envelope-from lists@servingpeace.com)
Received: from [10.0.0.30] (adsl-68-125-128-211.dsl.pltn13.pacbell.net
	[68.125.128.211])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.servingpeace.com (Postfix) with ESMTP id 351D0BA224;
	Fri,  7 Oct 2005 17:52:22 -0700 (PDT)
Message-ID: <43471845.4070806@servingpeace.com>
Date: Fri, 07 Oct 2005 17:52:21 -0700
From: Sam Nilsson <lists@servingpeace.com>
User-Agent: Thunderbird 1.4 (Macintosh/20050908)
MIME-Version: 1.0
To: "M. L." <user@celeritystorm.com>
References: <43470F58.6070609@celeritystorm.com>
In-Reply-To: <43470F58.6070609@celeritystorm.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@FreeBSD.org
Subject: Re: suPHP - secure/reliable?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Oct 2005 00:52:23 -0000

M. L. wrote:
> Hi all,
> 
> I'd like to know your opinions on suPHP. I was looking for some software 
> that would execute PHP scripts as the user who owns them, instead of 
> www, and came up with that. But the site is written in poor english, the 
> software consists on a root setuid binary, so I'm a bit worried about 
> the quality of this software.
> 
> Does anyone have anything to say about suPHP, either good or bad stuff ? 
> I'd like your opinions.
> 
> Regards,
> 
> M. L.

I can't answer your questions about suPHP. I chose a different way. I 
installed the fastcgi apache module from ports, and I compiled the 
php-cgi port with fastcgi support. Then I compiled apache with suexec 
support so that I can run cgis (fastcgi included) as whatever users I need.

If you are interested in taking this route I may be able to help you 
with the little details.

- Sam Nilsson