[BlueOnyx:03139] Re: php error
Michael Stauber
mstauber at blueonyx.it
Sat Dec 19 15:03:38 -05 2009
Hi Darrell,
> > Say I had a production website at site4 and a development website at
> > site5,
> > and I wanted to enable safe_mode and safe_mode_gid so that I could
> > include a
> > file from site4 on site5. How do I avoid this:
>
> Bump????
You don't. At least you shouldn't.
Or would you want that the PHP script of customer A can access the PHP scripts
of customer B? You see where this leads to.
You cannot have safe mode on and then expect it to behave in such an unsecure
fashion. When safe mode is on, site4's PHP scripts cannot access site5's files
and vice versa (due to UID and GID). Expecially not with open_basedir in place
anyway.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list