[OCLUG-devel] I need a consultant for a php compile

[list3 at truswan.com]

Christopher Smith wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

list3 at truswan.com wrote:
> > I need a special compile of php and I'm inexperienced enough that I would
> > like an old hand at this to do it. I need a stand-alone instance of php
> > for command line use only. The object should have a different name from
> > the php instances already on a production machine to insure against
> > interference. The main reason for the compile is that it will run a
> > listener for socket connections which will include some encrypted fields.
> > Thus it needs to be with sockets and encryption (for 3DES symmetrical)
but
> > without any Apache possibilities. And thus the usual make-install
won't do
> > unless it is altered not to install under the usual name in the usual
> > location.
> >
> > Will pay for somebodies time, of course. Will provide access for the
> > duration in a VPN.
> >
> > Reply to email would be nice.

So, I'm not sure what you are asking for makes sense. The php executable
itself isn't compiled in with any Apache bindings that I'm aware of.
Most distributions give you a way to install php without installing
mod_php (which is an Apache module for php).

Either way, generally you'd want to secure the php *script* (as opposed
to the php executable itself) that is doing this binding with sockets
and encryption. Just make it non-executable for whatever user is running
your apache (typically user "nobody") and you are pretty much done. No
recompiles necessary.

As far as I can tell from reading, it is necessary to compile php with
sockets in order for it to use sockets at all. That's the source of my
need to compile the thing. I have never done that and I'm nervous about
compiling it on a production machine that already has some command line
php scripts running. The encryption has nothing to do with "securing" the
executable, I just mentioned it because some of the data I need to handle
will need to be encrypted.

Paul W