Mailinglist Archive: opensuse-factory (528 mails)
| < Previous | Next > |
Re: [opensuse-factory] PHP - tales from the crypt
- From: "Cristian Rodriguez R." <judas_iscariote@xxxxxxxxxxxxx>
- Date: Tue, 08 May 2007 13:31:26 -0400
- Message-id: <4640B3EE.6000401@xxxxxxxxxxxxx>
Sylvester Lykkehus escribió:
> Since you mentioned the "basic security" configured by open_basedir, you
> should also be aware, that with PHP6, safemode will be removed.
open_basedir and safe-mode are different, they serve and slightly
different purpose..
safe-mode is unfixable, it is broken by design and the only way to fix
was removing it, it causes more harm tha good, open_basedir has limited
value but is still useful..in PHP6 you can use it per application with
ini_set('open_basedir', '/foo/bar'); as long it is equally or more
restrictive than the one set "per dir" ( and this last one should be
equally or mor restrictive than the one defined in httpd.conf or php.ini)
> Since you mentioned the "basic security" configured by open_basedir, you
> should also be aware, that with PHP6, safemode will be removed.
open_basedir and safe-mode are different, they serve and slightly
different purpose..
safe-mode is unfixable, it is broken by design and the only way to fix
was removing it, it causes more harm tha good, open_basedir has limited
value but is still useful..in PHP6 you can use it per application with
ini_set('open_basedir', '/foo/bar'); as long it is equally or more
restrictive than the one set "per dir" ( and this last one should be
equally or mor restrictive than the one defined in httpd.conf or php.ini)
| < Previous | Next > |