To PHPsuexec or not

Can any knowledgeable Webmaster comment please. I have one virtual account
where suexec has been suspended (without any warning) because it apparently
caused so much hassle ?
Writing directory folders - say for graphics temp storage - without suexec
creates the entry obviously as nobody where Apache and chmod permissions
have to be 777 leaving that area open to any other script writing to it.
Suexec obviously uses 755 UID/GUI and nobody's are excluded.
Has anyone experienced the danger of this non suexec loophole. Or for that
matter have opinions on how vulnerable an application is with write
permissions enabled.
Thanks Tony

--
Inkylink JetTec UK Quality - Wot others wanna-be
Epson C64/ C84 Lighfast (30% more free) pigmented inks.
Canon BCI-3 i560 i750 BCI-6 i865 S-820 / S-900 series.
Specialist ink refill kits... http://www.inkylink.co.uk
remove pants for personal mail

Carved in mystic runes upon the very living rock, the last words of
Tony1that matters of alt.www.webmaster make plain:

 > Writing directory folders - say for graphics temp storage - without
 > suexec creates the entry obviously as nobody where Apache and chmod
 > permissions have to be 777 leaving that area open to any other script
 > writing to it. Suexec obviously uses 755 UID/GUI and nobody's are
 > excluded. Has anyone experienced the danger of this non suexec
 > loophole. Or for that matter have opinions on how vulnerable an
 > application is with write permissions enabled.

I don't know about the pros and cons of using suexec specifically, but
having scripts run under your user ID, either with suexec or a wrapper,
is a security must, to avoid having to leave files open.

--
Alan Little
Phorm PHP Form Processor
<a style='text-decoration: underline;' href="http://www.phorm.com/" target="_blank">http://www.phorm.com/</a><!-- ~MESSAGE_AFTER~ -->