Security in multi-pool FPM environment

[Davis]

Greetings!

Does Xcache use a single shared memory segment across all PHP-FPM pools?
If yes, is there anything that would stop a malicious dynamically loaded PHP extension (or process spawned from a PHP-FPM pool) to read/write cached code/constants/sessions of another PHP-FPM pool?
If no, is Xcache safe and secure for use in multi-pool PHP-FPM environment where pools must be fully isolated from each other (pools are already isolated otherwise - chrooted in different chroot jails and running under different user accounts)?

[Xuefer]

the easiest way is to check instance id and see if it's same in XCache admin page, or phpinfo() page. compare it in different sites (pools)

--

---
You received this message because you are subscribed to the Google Groups "XCache" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xcache+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Yui Bei Fong]

as i know php-fpm does not really allow to load per-pool extensions,
so generally for scripts using unique paths (if you use different chroot containers)
and
xcache.var_namespace =        "USER"
to isolate variables shall suffice. Correct me if i'm wrong or missing anything important here.

[Xuefer]

excellent answer. credits to you. it could also be SERVER_NAME if USER is same