FUDforum: comp.lang.php » Exec Security

Home » Imported messages » comp.lang.php » Exec Security

Show: Today's Messages :: Polls :: Message Navigator

Re: Exec Security [message #178999 is a reply to message #178995]

Sat, 01 September 2012 21:23

J.O. Aho
Messages: 194
Registered: September 2010

Karma:

Senior Member

On 01/09/12 20:50, Ryan wrote:
> Can you please eplain what you mean about the per site pho.ink being misused?

If you allow a instance have access to exec from which you allow service
be restarted (either full root access or sudo), then there is always a
risk that someone can manage to execute something you thought was
possible, this could lead to the whole machine is compromised.

> A daemon is a waste at resources IMO since its always running though most of the time it will do nothing.

Daemon ain't a waste of resources if you do it the right way, let it
idle till it gets a message, it will make a small memory imprint, it
will not waist many cpu cycles while not doing anything and you increase
the security of your system.

I have seen a database based solution running on quite many servers,
including web servers, database servers, dns and mail server been handle
this way, the resources used by the provisioning software was quite
small, would go as far as say it's not measurable.

--

//Aho

Report message to a moderator

[Message index]

		Exec Security By: Ryan on Sat, 01 September 2012 01:49
		Re: Exec Security By: Jerry Stuckle on Sat, 01 September 2012 02:12
		Re: Exec Security By: J.O. Aho on Sat, 01 September 2012 06:54
		Re: Exec Security By: Ryan on Sat, 01 September 2012 09:51
		Re: Exec Security By: J.O. Aho on Sat, 01 September 2012 11:19
		Re: Exec Security By: Ryan on Sat, 01 September 2012 18:50
		Re: Exec Security By: Ryan on Sat, 01 September 2012 20:19
		Re: Exec Security By: Jerry Stuckle on Sat, 01 September 2012 20:26
		Re: Exec Security By: Ryan on Sat, 01 September 2012 21:11
		Re: Exec Security By: Jerry Stuckle on Sat, 01 September 2012 23:14
		Re: Exec Security By: Ryan on Sun, 02 September 2012 00:17
		Re: Exec Security By: J.O. Aho on Sun, 02 September 2012 07:25
		Re: Exec Security By: The Natural Philosoph on Sun, 02 September 2012 11:02
		Re: Exec Security By: Ryan on Mon, 03 September 2012 03:32
		Re: Exec Security By: Ryan on Mon, 03 September 2012 03:35
		Re: Exec Security By: Jerry Stuckle on Mon, 03 September 2012 03:43
		Re: Exec Security By: Ryan on Mon, 03 September 2012 03:53
		Re: Exec Security By: J.O. Aho on Mon, 03 September 2012 04:55
		Re: Exec Security By: J.O. Aho on Sat, 01 September 2012 21:23

Previous Topic:	Is PDO an abstraction layer?
Next Topic:	Net Connect API -php

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat Oct 19 17:20:13 GMT 2024

Total time taken to generate the page: 0.04304 seconds