Okay this has been a three day ordeal for me now :rolleyes:
How it started: I am writing a set of utilities which require emails to be sent out signed by GnuPG. So this led me to using php (my programming language) however as php is run as the apache user, it can’t access the USERNAME gnupg folder, because of permissions.
For this to work then, we want to run php as the username of he site. This has now opened a 20hour long searching can of worms for me. Finally I found suPHP. Chris (Interworx) had suggested, and I quote:
easiest “fix” would probably be to write a PHP CGI script to run under suexec in Apache as the website user. If you have CGI enabled just make a PHP CGI script and make sure the ownership is USERNAME and it’s chmod’d 755
Now that would be the most simplest of things to do - however I become stuck at this point, so if anyone has any ideas on that particular idea, please stop me now and let me know, as I would very much appreciate it.
After much much Googling, I found suPHP and set-to installing it, however am running into all sorts of problems. This would put a level of security in etc etc etc, however that would only happen if I could get it working. :rolleyes:
So in summary, if anyone has successfuly installed, configured and is using suPHP, please would you post up here and discuss how you did it and what the drawbacks & positives it has meant, or if someone knows how to accomplish Chris’s comments, I would appreciate it.
I am hoping that this can actually be a discussion on the suPHP module and security of PHP scripts, and what people currently do, and what anyones plans are.
Look forward to hearing your comments, suggestions, discussion.