 |
 |
 |
 |
|
|
Date: 06/30/01
- Next message: derick <email protected>: "[PHP-DEV] Bug #11808 Updated: any php program cant be exe. a masseg cannot execute html file ....."
- Previous message: CVS Account Request: "[PHP-DEV] CVS Account Request"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi list,
I'd like to submit the problem I have and the idea to circonvent it.
I host web site. Those sites belong to different peapole (login)
Putting safe_mode on breaks the loading of any file in include_path
variable because there's no chances that they could belong to the script
owner. Therefore it breaks any common library anyone could you (like
phplib).
OTOH, setting safe_mode to Off is a real lack of security.
Suggestion:
Keep safe_mode the way it works EXCEPT for files in include_path and
tmp_path (for uploading...)
Now I don't know php 4 code so much that I can do it alone.
Does it sound a ood idea? Does it break something else ? Did I miss
something ??
Can you give me some pointers to do it??
TIA
-- Olivier PRENANT Tel: +33-5-61-50-97-00 (Work) Quartier d'Harraud Turrou +33-5-61-50-97-01 (Fax) 31190 AUTERIVE +33-6-07-63-80-64 (GSM) FRANCE Email: ohp <email protected> ------------------------------------------------------------------------------ Make your life a dream, make your dream a reality. (St Exupery)-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: derick <email protected>: "[PHP-DEV] Bug #11808 Updated: any php program cant be exe. a masseg cannot execute html file ....."
- Previous message: CVS Account Request: "[PHP-DEV] CVS Account Request"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]