[BlueOnyx:03226] Re: php error
Darrell D. Mobley
dmobley at uhostme.com
Mon Jan 4 09:49:05 -05 2010
> -----Original Message-----
> From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it]
> On Behalf Of Darrell D. Mobley
> Sent: Thursday, December 31, 2009 8:01 PM
> To: 'BlueOnyx General Mailing List'
> Subject: [BlueOnyx:03211] Re: php error
>
> > -----Original Message-----
> > From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it]
> > On Behalf Of Michael Stauber
> > Sent: Saturday, December 19, 2009 3:04 PM
> > To: BlueOnyx General Mailing List
> > Subject: [BlueOnyx:03139] Re: php error
> >
> > Hi Darrell,
> >
> > > > Say I had a production website at site4 and a development website at
> > > > site5, and I wanted to enable safe_mode and safe_mode_gid so that I
> > > > could include a file from site4 on site5. How do I avoid this:
> > > >
> > > > "SAFE MODE Restriction in effect. The script whose uid/gid is
> 519/504
>
> > > > is not allowed to access /file/path/filename.php owned by uid/gid
> > > > 531/503 in /another/path/anotherfile.php on line X."
> >
> > You don't. At least you shouldn't.
> >
> > Or would you want that the PHP script of customer A can access the PHP
> > scripts of customer B? You see where this leads to.
> >
> > You cannot have safe mode on and then expect it to behave in such an
> > unsecure fashion. When safe mode is on, site4's PHP scripts cannot
> access
> > site5's files and vice versa (due to UID and GID). Expecially not with
> > open_basedir in place anyway.
>
> Are you saying that with SafeModeGid you cannot include site5 in the site4
> group and expect SafeModeGid to recognize this? Is this an open_basedir
> issue or a SafeMode issue or both?
>
> I added site4 to site5's group and visa versa without success.
Bump.
More information about the Blueonyx
mailing list