8 May
2007
8 May
'07
17:31
Sylvester Lykkehus escribió:
Since you mentioned the "basic security" configured by open_basedir, you should also be aware, that with PHP6, safemode will be removed.
open_basedir and safe-mode are different, they serve and slightly different purpose.. safe-mode is unfixable, it is broken by design and the only way to fix was removing it, it causes more harm tha good, open_basedir has limited value but is still useful..in PHP6 you can use it per application with ini_set('open_basedir', '/foo/bar'); as long it is equally or more restrictive than the one set "per dir" ( and this last one should be equally or mor restrictive than the one defined in httpd.conf or php.ini)