FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Exec Security
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Exec Security [message #178999 is a reply to message #178995] Sat, 01 September 2012 21:23 Go to previous message
J.O. Aho is currently offline  J.O. Aho
Messages: 194
Registered: September 2010
Karma:
Senior Member
On 01/09/12 20:50, Ryan wrote:
> Can you please eplain what you mean about the per site pho.ink being misused?

If you allow a instance have access to exec from which you allow service
be restarted (either full root access or sudo), then there is always a
risk that someone can manage to execute something you thought was
possible, this could lead to the whole machine is compromised.


> A daemon is a waste at resources IMO since its always running though most of the time it will do nothing.

Daemon ain't a waste of resources if you do it the right way, let it
idle till it gets a message, it will make a small memory imprint, it
will not waist many cpu cycles while not doing anything and you increase
the security of your system.


I have seen a database based solution running on quite many servers,
including web servers, database servers, dns and mail server been handle
this way, the resources used by the provisioning software was quite
small, would go as far as say it's not measurable.


--

//Aho
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Is PDO an abstraction layer?
Next Topic: Net Connect API -php
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 28 06:55:02 GMT 2024

Total time taken to generate the page: 0.04102 seconds