Zeev,
I see your point. Would you accept changing safe_mode to restrictive_mode,
and refer to features as what they really are?
For example:
restrictive_uid_check = yes
restrictive_purge_environment_vars = ( )
There could be a page on php that explains all the various modes, functionality, et
"Zeev Suraski" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> At 21:53 6/2/2001, Jason Greene wrote:
> >Zeev,
> >
> >I understand your viewpoint, but I respectfully disagree. I believe that
> >there are multiple levels of security, and that the OS is
> >just p
ZS>> My point is that with safe_mode, $x = file("/etc/passwd") can probably
ZS>> still be achieved, only perhaps not that easily. The false sense of
ZS>> security that it gives you may (will) cause administrators to set their
ZS>> servers up in an insecure way.
Here I wonder, why it is impossibl
: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, February 06, 2001 9:53 PM
Subject: [PHP-DEV] Re: safe_mode redesign
> Zeev,
>
> I understand your viewpoint, but I respectfully disagree. I believe that
there are multiple levels of security, and that the OS is
At 21:53 6/2/2001, Jason Greene wrote:
>Zeev,
>
>I understand your viewpoint, but I respectfully disagree. I believe that
>there are multiple levels of security, and that the OS is
>just part of the picture. There always is some layer of application
>security (especially for those apps that run i
Zeev,
I understand your viewpoint, but I respectfully disagree. I believe that there are
multiple levels of security, and that the OS is
just part of the picture. There always is some layer of application
security (especially for those apps that run id=0). If you are a
hosting company (which is
Hi Zeev,
>-- Quoted from Zeev:
> The one main problem with safe_mode in general is that the idea is
> problematic by definition. Security outside the OS level is prone to
> errors, and a false sense of security is much worse than knowing you're
> insecure.
I agree. I think this means that eithe
Jason,
The one main problem with safe_mode in general is that the idea is
problematic by definition. Security outside the OS level is prone to
errors, and a false sense of security is much worse than knowing you're
insecure.
In my opinion, safe mode should only feature features which can hav