pkgsrc-Users archive


Re: Webserver users



On Thu, Apr 26, 2018 at 07:19:06PM +0100, Mike Pumford wrote:
> 
> 
> On 26/04/2018 13:08, Joerg Sonnenberger wrote:
> 
> > The *only* reason we have this mess is to cater to mod_php users. I'd
> > say let's inverse that and provide a reasonable setup that works for
> > all sane setups, i.e. where the application runs as its own user and
> > with a *group* www, if necessary at all.
> > 
> What's with the mod-php hate? If you are running a single application
> webserver why is that not a reasonable solution? What's the technical reason
> for wanting to avoid it? This is for my own education. If there is a better
> way to run php applications in a web server with no extra overhead over
> mod-php I'd like to know about it.

It's a basic question of design. mod_php adds a lot of complexity to the
web server and therefore a lot of attack surface. It's also a very
common misconception that mod_php doesn't add overhead. It ties up a
worker instance for the duration of the script execution. That in itself
blocks resources that could be used better for other work. Then of
course there is the very reason where this discussion started: not using
mod_php makes it so much easier to avoid whole classes of password leaks
and the like, simply by making it possible to take them out of the access
path of the web server...
path of the web server...

Joerg
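
Added example, not part of the original message or of pkgsrc: a check for whether a secrets file is still in the web server's access path, which under mod_php it has to be because the PHP code runs as the web server user. The function names, the file name and the web UID are hypothetical; only classic Unix mode bits are evaluated (ACLs and root's override are ignored).

```python
import os
import stat
import tempfile

READ = (stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH)
SEARCH = (stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH)


def mode_allows(st, uid, gids, bits):
    """Apply classic Unix mode-bit rules: exactly one class is consulted."""
    user_bit, group_bit, other_bit = bits
    if st.st_uid == uid:
        return bool(st.st_mode & user_bit)
    if st.st_gid in gids:
        return bool(st.st_mode & group_bit)
    return bool(st.st_mode & other_bit)


def readable_by(path, uid, gids):
    """True if uid/gids could open `path` for reading (ACLs, root ignored)."""
    path = os.path.realpath(path)
    parent = os.path.dirname(path)
    while True:
        # Every directory above the file must grant search permission.
        if not mode_allows(os.stat(parent), uid, gids, SEARCH):
            return False
        up = os.path.dirname(parent)
        if up == parent:
            break
        parent = up
    return mode_allows(os.stat(path), uid, gids, READ)


def exposed_secrets(paths, web_uid, web_gids):
    """Secret files still inside the web server user's access path."""
    return [p for p in paths if readable_by(p, web_uid, web_gids)]


if __name__ == "__main__":
    # Constructed sample: one secret file, checked against a made-up web UID.
    d = tempfile.mkdtemp()
    os.chmod(d, 0o755)
    secret = os.path.join(d, "db-password.conf")
    open(secret, "w").close()
    web_uid = os.stat(secret).st_uid + 1  # hypothetical www user, not the owner
    for mode in (0o644, 0o640, 0o600):
        os.chmod(secret, mode)
        print(oct(mode), exposed_secrets([secret], web_uid, {os.stat(secret).st_gid}))
```

With the application running as its own user, the secret can be mode 0600 and owned by that user, so the list comes back empty for the web server's UID even when the two share a group.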

