Jason, safe_mode_gid may indeed be the solution, though it seems to go way too far in relaxing things.
It's the functionality of safe_mode that I want ... with the proviso that the web server should be able to read files that it writes. I will not consider turning off safe_mode entirely, any more than I will consider giving customers shell access to my servers. That would seem to be foolhardy. But that may just be the paranoia talking. p On Tue, Jul 01, 2003 at 10:19:01PM -0700, Jason Sheets wrote: > > Take a look at safe_mode_gid, it tells PHP to do safe mode owner > checking using the group id rather than user id. > > safe_mode_gid boolean > > By default, Safe Mode does a UID compare check when opening files. If > you want to relax this to a GID compare, then turn on safe_mode_gid. > Whether to use UID (FALSE) or GID (TRUE) checking upon file access. > > http://www.php.net/manual/en/features.safe-mode.php > > Other than that consider turning off safe mode if you have access to it, > or turn it off for your virtual host. > > Paul Chvostek wrote: > >I've got a script whose configuration creates a storage directory owned > >by the web server in which files get stored, also owned by the web > >server. With safe_mode in effect, I'm getting errors like: > > > > Warning: file_exists() [function.file-exists]: SAFE MODE Restriction in > > effect. The script whose uid is 10054 is not allowed to access > > /path/to/some/data owned by uid 80 in /path/to/some/file.php on line 111 > > > >Wouldn't it make sense for safe_mode also to allow read access to files > >owned by the web server's process as well as the directory owner's? > > > >Obviously, a process running as uid 80 won't be able to suid to another > >user. If I make the directory owned by the user, the files will be > >inaccessible, but if I make the directory uid 80, then *it* will be > >inaccessible. > > > >Is there some other solution to storing (and then retrieving) files with > >safe_mode on? -- Paul Chvostek <[EMAIL PROTECTED]> it.canada http://www.it.ca/ Free PHP web hosting! http://www.it.ca/web/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
