suphp
isolates PHP processes on shared hosting. It runs the scripts of each virtual host under that host's own user account, instead of under the single web-server account that every site on the box would otherwise share.
This aids security because the session store of one account is no longer readable by the other accounts on the same server. Without such isolation every site's scripts run as the same web-server user, so any tenant can read (and replay) the serialized $_SESSION blobs that PHP's session handler writes to the shared session_save_path, which is occasionally a world-readable directory such as /tmp/session/ (a subpar configuration to begin with). With suPHP the session files are created and owned by each virtual host's own account, which constrains this.
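A quick audit of a session_save_path, as an added shell example that is not part of suPHP, PHP or this page: it lists the session files another tenant could read, either because they are owned by the shared web-server account (the situation without suPHP, where every site's scripts run as that user) or because their mode grants group or other read access, and it flags a store directory that is listable by everyone. The directory path and the account name www-data in the usage line are placeholders.

```shell
#!/bin/sh
# audit_session_store DIR SHARED_ACCOUNT
# Added example, not suPHP's or PHP's own code. Prints one line per finding
# in the PHP session_save_path DIR:
#   - the directory itself is listable by everyone (other-read bit set)
#   - a sess_* file is owned by SHARED_ACCOUNT, the common web-server user
#     (without suPHP every tenant's scripts run as it and can read the file)
#   - a sess_* file is readable by group or other
# Uses `ls -ld` rather than `stat` so it works on GNU and BSD userlands alike.
audit_session_store() {
    dir=$1
    shared=$2

    # Field 1 of `ls -ld` is the mode string: char 5 = group read, char 8 = other read.
    set -- $(ls -ld "$dir")
    case "$1" in
        ???????r*) echo "$dir: directory listable by everyone (mode $1)" ;;
    esac

    for f in "$dir"/sess_*; do
        [ -f "$f" ] || continue
        set -- $(ls -ld "$f")
        mode=$1
        owner=$3   # field 3 of `ls -ld` is the owning user
        if [ "$owner" = "$shared" ]; then
            echo "$f: owned by shared web account $shared; any tenant's PHP can read it"
        fi
        case "$mode" in
            ????r*|???????r*)
                echo "$f: readable by group/other (mode $mode)" ;;
        esac
    done
}

# count_session_findings DIR SHARED_ACCOUNT: number of findings, for scripting.
count_session_findings() {
    n=$(audit_session_store "$1" "$2" | wc -l)
    echo $((n + 0))
}

# Usage against a vhost's store (placeholder path and account name):
#   audit_session_store /var/www/example.com/sessions www-data
```

A clean result is a store owned by the vhost's own account, with mode 0700 on the directory and 0600 on the files; the corrected PHP setting is a per-vhost session.save_path pointing at such a private directory rather than a shared /tmp location.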
However, this does not help against session hijacking at all: the session ID is stolen by sniffing unencrypted HTTP traffic or through cross-site scripting, and suPHP controls neither. Reading session IDs out of the session store directory with local access is a possible vector for session replay attacks, but a seldom used one.