suPHP

suPHP is an Apache module which will force PHP scripts to be executed with the permission of its owner.

What does that mean ?

It means that if a script contains a vulnerability, and got exploited, then only that particular user will be affected.

This module is not supposed to be used together with mod_php, and anyway, if you’re using mod_php, any exploited PHP script will give the intruder access to everything accessible by Apache (since mod_php execute scripts as Apache’s user)

Needless to say, suPHP would be of high interest to webhosters, along with mod_security.

2 thoughts on “suPHP

Leave a Reply

Your email address will not be published. Required fields are marked *