Florian Weimer <[EMAIL PROTECTED]> wrote: > <p>This decision is based on the on two observations: Most PHP users > are small-scale users, not service providers. As a result, they do > not have to deal with the challenge of multiple users who need to > write PHP scripts which run on the web server, but do not trust each > other. [...]
Where does this observation come from and do we know whether it's true for debian? I certainly know a higher proportion of multi-user servers with PHP installed than the proportion of desktop systems I know with PHP. [...] > <p>Of course, it is possible to enable Safe Mode as an additional > layer of defense. However, as the only layer, it is far too weak.</p> It is possible to use this layer, but not very convenient if debian-packaged PHP apps won't run safely in Safe Mode. -- MJ Ray (slef), K. Lynn, England, email see http://mjr.towers.org.uk/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
