Hi all,
Has anyone noticed safe_mode not working correctly with php-4.3.1?
Until recently we have been running php-4.2.3 with safe_mode enabled to
host a multi-user public web server. Having upgraded to php-4.3.1 I
noticed that scripts can now access files on the file system owned by a
different UID/GID, which is supposed to be prohibited in safe_mode. If I
switch back to php-4.2.3, I get safe_mode restrictions as expected.
get_ini('safe_mode') shows that safe_mode is correctly enabled for
php-4.3.1.
Am I missing something with php-4.3.1, or should I stick with php-4.2.3?
--
Stephen Grier
Systems Developer
Computing Services
Queen Mary, University of London
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
