8cb1a96ede
Taken from: https://github.com/freebsd/freebsd-ports.git Commit id: 5070672073b68be364139bc6b3a89100bd17d331
16 lines
584 B
Text
16 lines
584 B
Text
SuPHP has no upstream maintainer and thus is not actively having
|
|
bugs and security issues addressed.
|
|
|
|
Its security track record is pretty good. The worst so far has been
|
|
privilege escalation to the httpd user, which is no worse than not
|
|
using SuPHP.
|
|
|
|
It is advisable to convert your system to PHP-FPM if possible.
|
|
|
|
The port maintainer's thoughts on sandboxing PHP are here:
|
|
|
|
http://blog.shatow.net/post/2013-07-17-sandboxing-php-part1.markdown
|
|
|
|
An overview of using PHP-FPM for application sandboxing is here:
|
|
|
|
http://blog.shatow.net/post/2013-11-27-sandboxing-php-part2.markdown
|