> On March 19, 2004 04:28 pm, [EMAIL PROTECTED] wrote: >> So then following your logic why not remove open_basedir,safe_mode,etc >> all >> together from PHP, just to increase the performance? > > Because it would break BC. When these options were developed Apache 2 was > not around and fastcgi support was flimsy at best.
Ilia as far as Im concerned Apache 2 MPM does not currently work on most platforms http://httpd.apache.org/docs-2.0/mod/perchild.html thus unfortunatelly MPM can not be used in production environment. > Using plain CGI (which MANY > ISPs use) to run PHP is quite resource intensive. Which is exactly why I dont use plain CGI to run PHP. > Popularity of PHP will not be affected by these features and the > robustness > would only take a step backwards. More over the 'security' you add is > easily > bypassed through a variety of means. So just because there might be means to bypass security options in PHP we shouldnt even bother improving security? Lets give up. IMHO it should be the other way around, we should try to improve security the best way possible, especially knowing that at the moment there might be ways of bypassing it. > Adding more to these > 'features' when real support is already avaliable seems highly counter > productive IMO. > > Ilia Cheers, Boulat -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
