Re: [PHP] safe mode bug ?
Robert Hensel <robert@hensel.nl> writes:
> Hi,
>
> I understand that there are a lot of solutions to make PHP more safe. And
> of course,I don't see safe_mode as _the_ solution. But I definetly consider
> it to be a good extra protection, just like basedir restrictions, and the
> problem I described seems simply like a bug in safe_mode.
True. I forgot about using it a long time ago.. safe_mode is not a bad
idea, but the way it's implemented really IS.. :(
> Franz Georg KĂśhler wrote:
>
>>Hello,
>>
>>
>>it is widely known that safe_mode is not really safe.
>>
>>You might want to restrict access with open_basedir .
I think open_basedir is far better and safer that the whole safe_mode
thing..
>>The most secure solution is still to install php's cgi executable in an
>>suexec environment.
I agree with this, but its not applicable on boxes with heavy load.. CGI
cannot meet the speed of php apache module.. Maybe with FastCGI, but I
haven't tried yet..
--
regards,
= michal panoch - linux admin
= michal@panoch.net
= gpg fp: 816b be10 99cf 159b 8e1a 4648 ad7a 9df2 de4e c6f4
Reply to: