PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

Dynamic Site Navigation for Your Users
PHP Web Blog - Part 2
Reading RSS feeds in PHP: Part 2
In Case You Missed It...The Week of January 30, 2006
Best practices: Sessions

Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers From: Andi Gutmans (andi <email protected>)
Date: 10/20/00

Next message: Andi Gutmans: "Re: [PHP-DEV] A proposal regarding function naming, aliases and such"
Previous message: Rasmus Lerdorf: "Re: [PHP-DEV] A proposal regarding function naming, aliases and such"
In reply to: Teodor Cimpoesu: "Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers"
Next in thread: Kristian K�hntopp: "Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers"
Reply: Kristian K�hntopp: "Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 10:55 AM 10/20/00 +0300, Teodor Cimpoesu wrote:
>Hi Jason!
>On Thu, 19 Oct 2000, Jason Greene wrote:
>
> > I agree with what your saying, though I do agree that hosted customers
> seeing certain environment variables can be undesireable.
> > What do you think about a safe mode ini setting that could block
> certain "sensative" vars from being read?
>there is already something like this, see:
>
>safe_mode_allowed_env_vars
>safe_mode_protected_env_vars
>
>options your php.ini.

I think it should be done on the user level like you pointed out below. We
could put such a suggestion in the manual (to run with env -i).

>As for the original post, when you start Apache it inherits all your
>environment, this is how the programs work least on *nix.
>
>If you don't want that, use the magic `env' program like this:
>
># /usr/bin/env -i /opt/apache/sbin/httpd
>
>(with your env and httpd paths, of course).
>The -i options `clears' the environ so the httpd process starts w/o
>inheriting anything.

Andi

---
Andi Gutmans <andi <email protected>>
http://www.zend.com/
-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

Next message: Andi Gutmans: "Re: [PHP-DEV] A proposal regarding function naming, aliases and such"
Previous message: Rasmus Lerdorf: "Re: [PHP-DEV] A proposal regarding function naming, aliases and such"
In reply to: Teodor Cimpoesu: "Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers"
Next in thread: Kristian K�hntopp: "Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers"
Reply: Kristian K�hntopp: "Re: [PHP-DEV] why the damn phpinfo() is so talkative? + answers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]