On Thu, 08 May 2008 02:43:45 +0100, Brice Burgess <[EMAIL PROTECTED]> wrote:
Having users set proper permissions on a "working" directory crosses
eyes... let alone the introduces the possibility of a security risk as
"777" is the lowest common denominator here!
0700 is the lowest, if you make this directory owned by web server process.
If you're very concerned about having PHP files writeable, you can force
PHPTAL to compile everything beforehand (e.g. in Makefile or install
script) and then make these files read-only, e.g.:
foreach($all_template_files as $file)
{
$phptal->setTemplate($file);
$phptal->prepare();
chmod($phptal->getCodePath(), 0400);
}
but I don't recommend this, because PHPTAL will panic if you later change
source files and it won't be able to recompile them.
--
regards, Kornel
_______________________________________________
PHPTAL mailing list
PHPTAL@lists.motion-twin.com
http://lists.motion-twin.com/mailman/listinfo/phptal
