-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello. I got a defacing in my domains this weekend. They used and php shell to run some processes in the machine and replace all index.(html|shtml|php). They changed my users password too, and let a process in the /tmp dir running on port 80. The thing is, if I turn on PHP Safe Mode, webmail and applications stop working (includes and execs). There's some way to secure PHP and don't lose half of it's funcionality? []s core - -- Jos? de Paula Eufr?sio J?nior Analista de Sistema | CPD ProInternet do Brasil -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE/1bjNuux+hAffZfsRAnMGAJ4utuZmJ5mkK0wg5qaXQVAAyePLAwCfRKWR QKOI+DBUs9NYAKKnK/jv3tY= =TiPv -----END PGP SIGNATURE-----