ketty <[EMAIL PROTECTED]> wrote: > On 2/19/07, Christopher D. Clausen <[EMAIL PROTECTED]> wrote: >> >> Someone might want to look into seeing how safe the PHP safe_mode >> really is. Ideally, all system(), exec(), and various other >> "dangerous" calls should be blocked. > > safe_mode is an old artifact providing no real security and it will be > removed in php6. > http://se2.php.net/features.safe-mode > http://ilia.ws/archives/18-PHPs-safe_mode-or-how-not-to-implement-security.html
That doesn't surprise me actually. Is http://www.suphp.org/ any better? <<CDC _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
