Hello,
I have many of my clients set up in 'safe_mode' mainly for security reasons.
Well, as many of you know, that limits the way PHP functions. Especially on
complex apps.
Here is what I include in their httpd configs now...
php_admin_flag safe_mode on
php_admin_flag register_globals off
php_admin_flag allow_url_fopen off
php_admin_value doc_root /sites/site.com/www
php_admin_value open_basedir /sites/site.com
php_admin_value session.save_path /sites/site.com/sessiondata
php_admin_value upload_tmp_dir /sites/site.com/uploadtemp
php_value upload_max_filesize 1024000
Can anyone else give me some other options that will make things secure, but
have safe_mode turned off?
I mainly don't want them able to execute shell commands, view info not in
their directory, etc.. Etc..
ANY help or insight would greatly be appreciated.
TIA
+--------------------------------------------+
Mike Yrabedra (President)
323 Incorporated
Home of MacDock, MacAgent and MacSurfshop
+--------------------------------------------+
W: http://www.323inc.com/
P: 770.382.1195
F: 734.448.5164
E: [EMAIL PROTECTED]
I: ichatmacdock
+--------------------------------------------+
"Whatever you do, work at it with all your heart,
as working for the Lord, not for men."
~Colossians 3:23 <{{{><
+--------------------------------------------+
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
