ID: 33752 Updated by: [EMAIL PROTECTED] Reported By: mordae at mordae dot net -Status: Open +Status: Feedback Bug Type: Feature/Change Request Operating System: all POSIX PHP Version: 4.3.11 New Comment:
>For the first, we all know what PHP does in (un)safe_mode. So tell us, if you know. >There has to be some solution of this problem. What problem? >You have disagreed with all previous What are you talking about? Previous Comments: ------------------------------------------------------------------------ [2005-07-18 17:44:19] mordae at mordae dot net Description: ------------ For the first, we all know what PHP does in (un)safe_mode. There has to be some solution of this problem. You have disagreed with all previous, so what about this one: Add php.ini directive, that will make PHP check UID of all parent directories of accessed file in addition of file's and if any of parent directories are owned by correct user, allow access. To improve security, you could also check if all directories "above" are owned by the user, who runs PHP. See Titov's patch at http://titov.net/safemodepatch/ Thank you Mordae ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33752&edit=1
