nginx + php fpm security issue?
I am new user of nginx + php-pfm, but I am a little bit confused about
security.
For example I am running a few pools with different uid/gid as TCP
sockets. So theoritically it is possible that any local shell user can
connect to 127.0.0.1 9000 OR 9001 or any other FPM port and send php code
to execute with different uids? How to avoid that? (file sockets is not an
option)
No comments:
Post a Comment