Is it possible to use safe mode yet allow all scripts to include any files 
from /usr/share/php? Normal users ain't gonna have *write* access to that 
directory, so it shouldn't be much of a security concern, I just don't know 
how to do this. I know that I can disable safe_mode and enable open_basedir, 
but that will create yet another security hole because normal users will be 
able to alter LD_LIBRARY_PATH, which is not a very good idea. AFAIK, they can 
make PHP load a custom glibc and thus gain root access to the box if I allow 
them to do that.

PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to