Edit report at https://bugs.php.net/bug.php?id=18407&edit=1
ID: 18407 Updated by: ni...@php.net Reported by: msteinacher at websource dot ch Summary: Request of new configuration directive for safe_mode -Status: Open +Status: Closed Type: Feature/Change Request -Package: Feature/Change Request +Package: *General Issues Operating System: Linux PHP Version: 4.2.1 -Assigned To: +Assigned To: nikic Block user comment: N Private report: N New Comment: Closing this as safe mode is no longer supported as of PHP 5.4 Previous Comments: ------------------------------------------------------------------------ [2002-07-18 05:54:21] msteinacher at websource dot ch I suggest to add a new configuration directive for safe mode to solve the common problem, that a user can't change uploaded files because they have the UID of the user owning the webserver process and not the UID of the user owning the script. I know that I could turn safe_mode off and use only open_basedir instead. Another 'solution' sould be to use safe_mode_gid and put the webserver-user in the same group as the script-owners. But I don't want to do this. Thus my suggestion to add a new directive that could for example be called 'safe_mode_allow_proc_uid'. If this is set to TRUE then PHP should allow the access to files which are owned by the user that owns the script (as it does now) _OR_ files which are owned by the user that owns the webserver process. In other words: Try to implement the patch at http://www.zend.com/lists/php-dev/200201/msg01149.html with the option to enable or disable it. Thanks for listening. Marco ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=18407&edit=1
