ID: 9516 User Update by: [EMAIL PROTECTED] Status: Open Old-Bug Type: PHP options/info functions Bug Type: Feature/Change Request Description: No trivial way to bypass safe mode when running as a shell Previous Comments: --------------------------------------------------------------------------- [2001-03-01 19:26:40] [EMAIL PROTECTED] I keep PHP both as an apache module and as a standalone shell, However, to be responsible, I need safe mode for the apache module and so it's in the .ini file. But when I run the script from a standalone shell from suexec, PHP insists on reading the .ini, going into safe mode, and then setuid's -1, from which there is no recovery. There is no way around this except to compile each version with a separate config-file-path, one path has a config without safe_mode and one does. Scenario: script file has same owner uid as POSIX getuid() script is being executed through a shell (#!/usr/local/bin/php) You cannot specify an alternate config file from the shell invocation when being executed from suexec -- it will keep on reporting, "No input file specified" (which is an entirely separate issue.) There should be an option for the shell not to enter safe-mode, and it could be specified as part of the shell invocation line in the script, (ie #!/usr/local/bin/php --no-safe-mode) I think if some restriction control could be placed in the .ini file to restrict who is allowed to perform that function, that would safe enough. Bram --------------------------------------------------------------------------- Full Bug description available at: http://bugs.php.net/?id=9516 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]