[BlueOnyx:03227] Re: php error
Darrell D. Mobley
dmobley at uhostme.com
Mon Jan 4 09:49:05 -05 2010
> -----Original Message-----
> From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it]
> On Behalf Of Darrell D. Mobley
> Sent: Thursday, December 31, 2009 7:42 PM
> To: 'BlueOnyx General Mailing List'
> Subject: [BlueOnyx:03210] Re: php error
>
> > -----Original Message-----
> > From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it]
> > On Behalf Of Darrell D. Mobley
> > Sent: Saturday, December 19, 2009 4:48 PM
> > To: 'BlueOnyx General Mailing List'
> > Subject: [BlueOnyx:03141] Re: php error
> >
> > > -----Original Message-----
> > > From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-
> bounces at blueonyx.it]
> > > On Behalf Of Michael Stauber
> > > Sent: Saturday, December 19, 2009 3:04 PM
> > > To: BlueOnyx General Mailing List
> > > Subject: [BlueOnyx:03139] Re: php error
> > >
> > > Or would you want that the PHP script of customer A can access the PHP
> > > scripts of customer B? You see where this leads to.
> > >
> > > You cannot have safe mode on and then expect it to behave in such an
> > > unsecure fashion. When safe mode is on, site4's PHP scripts cannot
> > > access site5's files and vice versa (due to UID and GID). Expecially
> not
>
> > > with open_basedir in place anyway.
> >
> > Well, no, I would not normally want it to work this way, but in this
> > particular circumstance, like I stated (and left above) I personally
> have
> > a production website on site4 and a development website for site4 on
> site5.
> > Normally I would not want this to take place, but because it's my sites,
> I
> > would like to have it operate as stated, primarily because I would like
> > the security SafeMode is supposed to provide in place in the event some
> > hacker broke into the site and tried executing a rogue PHP script. Does
> > that make sense?
> >
> > What about my other question:
> > > Another issue:
> > >
> > > I have a website (site4) that I am trying to get SafeMode to work
> with.
> > > When I have SafeMode enabled, either with or without SafeModeGID, it
> > > cannot use the PHP functions:
> > >
> > > imagecreatefromjpeg, imagecreatefrompng, imagecreatefromgif
> > >
> > > I include the site's absolute path in the SafeMode include directory,
> > > c and it has zero effect.
> > >
> > > How do I do this in BX?
> >
> > The files created by these image creation routines are owned by apache
> in
> > group site4. Can apache not produce images in a 755 permissioned
> directory
> > it owns? Is there a SafeMode restriction in place (when it is enabled)
> > that doesn't allow apache to create files in directories it owns? I
> tried
> > SafeModGID on and off, and putting the following directory paths in both
> > the SafeMode include and SafeMode exec spots:
> >
> > /home/.sites/70/site4
> > /home/.sites/70/site4/
> > /home/.sites/70/site4/web
> > /home/.sites/70/site4/web/
> >
> > Nothing worked.
> >
> > We know site4 owns all of those. I even changed the ownership of the
> > /home/.sites/70/site4/web/images directory to apache:site4 and changed
> > permissions on that one directory to 777. No joy.
>
> Bump.
Bump.
More information about the Blueonyx
mailing list