Does PHP-CGI security issue (CVE-2012-1823) affect PHP running as regular users with mod_fcgid?

Question

Does this PHP-CGI security issue (CVE-2012-1823) affect PHP when it's running under individual regular-user accounts with mod_fcgid?

The wrapper .fcgi script I've been using is:

#!/bin/bash
PHPRC=$PWD/../etc/php5
export PHPRC
umask 022
export PHP_FCGI_CHILDREN
SCRIPT_FILENAME=$PATH_TRANSLATED
export SCRIPT_FILENAME
exec /usr/bin/php-cgi

score 2 · Accepted Answer · answered May 07 '12 at 22:27

2

According to the guys at LWN, it only affects CGI, not FCGI.

answered May 07 '12 at 22:27

David

464

Does PHP-CGI security issue (CVE-2012-1823) affect PHP running as regular users with mod_fcgid?

1 Answers1