list at joreybump.com
Thu Dec 15 20:12:13 EST 2005
Roberto Sanchez wrote: > Graham Dumpleton wrote: > >> If you are using mod_python.psp you will not, but if you use >> PythonHandler >> to target a handler .py file in ~/public_html, or you are using >> mod_python >> version 3.1.4 or older and mod_python.publisher, you can. > > That makes me wonder if it is a Bad Idea(TM) to let apache run as the > user himself. Is there an alternative there? Originally, I was trying > to avoid the problems encountered by using mod_python on a shared > machine. This is similar to the problem with using mod_php on a shared > machine, except that PHP has a safe mode (which I understand is not very > safe at all). Running separate instances of apache seems like the > better alternative in this case. I am just wondering of problems that > may occur by letting the web server run and then having write access to > the document root. It's a double-edged sword, much like running CGI with suexec. Be sure to limit the user so there are no important assets in the home directory (like personal mail or private keys).