> > > Unless there is some other way in PHP of restricting where you can run > > programs from (can't find any), > > Why PHP needs to do that ? isnt that part of OS level security ?
There are those of us in shared environments where scripts can't be run as a single user because the content is owned by a group of users and thus a group is the limiting factor. Since PHP is what is allowing me to run scripts/progs through a php function I don't see how it would be that difficult to lock that down to a specific directory on a per vhost basis. > > >this is going to become a major problem. > > This is going to **solve** a major problem, this change will eliminate > the false sense of security that safe_mode provides and will tell > people to start securing their stuff better. > > safe_mode does not really resist any analysis, whoever convinced you > that it is a good thing does not have a clue. I will be the first to acknowledge that the basic premise of safe_mode is broken (the part about uids/gids matching), but the extra feature I used was a per vhost disabling of executing anything that wasn't php. This is the real feature I want, simple per vhost disable functions. I realize that suhosin provides a per vhost disable functions feature, but why is it up to an extension to provide that? The next thing I would want is a per vhost exec dir limit. People are too quick to throw out the baby with the bath water on safe_mode. It isn't completely useless to everyone. -- -Nathan Gordon If the database server goes down and there is no code to hear it, does it really go down? <esc>:wq<CR> -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php