Re: [PHP] Proper configuration of safe mode
On Wed, July 12, 2006 4:18 pm, mbneto wrote: What is wrong with my openbase_dir setting? (yes I've already read the manual - http://www.php.net/manual/en/features.safe-mode.php - before posting my first message). Since safe mode will be deprecated what is (will be) the alternative? The things safe mode attempts, and fails, to insure against for security are things you need to do in your server configuration, not in PHP. safe mode was, quite possibly, one of the worst names for it, as it's more like things PHP can sort of do not very well to solve a problem that's not even in the realm of problems PHP can solve I guess that was just too long, so they went with 'safe mode' :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Proper configuration of safe mode
Hi, I'd like to enable safe mode in my current setup but it seems that I am doing something wrong. I have configure a webmail (IMP) and I can access my messages fine but when I try to send a new one I get error message in my log Jul 12 15:00:44 HORDE [error] [imp] sendmail [/var/www/phpexecdir/sendmail] is not a valid file [on line 1042 of /var/www/html/horde/imp/compose.php] My webserver configuration Directory /var/www/html/horde/ php_admin_flag safe_mode On php_admin_value upload_tmp_dir /var/www/html/horde/tmp php_admin_value safe_mode_include_dir /usr/share/pear:/var/www/html/horde/ php_admin_value open_basedir .:/usr/share/pear:/var/www/html/horde/ php_admin_value safe_mode_exec_dir /var/www/phpexecdir/ /Directory I have copied sendmail from it's original location to this new one. Any tips?
Re: [PHP] Proper configuration of safe mode
mbneto wrote: Hi, I'd like to enable safe mode in my current setup but it seems that I am doing something wrong. have a look at the open_base_dir ini setting. IIRC safe_mode is being depreciated and will eventually be phased out. I have configure a webmail (IMP) and I can access my messages fine but when I try to send a new one I get error message in my log Jul 12 15:00:44 HORDE [error] [imp] sendmail [/var/www/phpexecdir/sendmail] is not a valid file [on line 1042 of /var/www/html/horde/imp/compose.php] My webserver configuration Directory /var/www/html/horde/ php_admin_flag safe_mode On php_admin_value upload_tmp_dir /var/www/html/horde/tmp php_admin_value safe_mode_include_dir /usr/share/pear:/var/www/html/horde/ php_admin_value open_basedir .:/usr/share/pear:/var/www/html/horde/ php_admin_value safe_mode_exec_dir /var/www/phpexecdir/ /Directory I have copied sendmail from it's original location to this new one. Any tips? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Proper configuration of safe mode
Hi Jochem, Thanks for the reply. What is wrong with my openbase_dir setting? (yes I've already read the manual - http://www.php.net/manual/en/features.safe-mode.php - before posting my first message). Since safe mode will be deprecated what is (will be) the alternative? On 7/12/06, Jochem Maas [EMAIL PROTECTED] wrote: mbneto wrote: Hi, I'd like to enable safe mode in my current setup but it seems that I am doing something wrong. have a look at the open_base_dir ini setting. IIRC safe_mode is being depreciated and will eventually be phased out. I have configure a webmail (IMP) and I can access my messages fine but when I try to send a new one I get error message in my log Jul 12 15:00:44 HORDE [error] [imp] sendmail [/var/www/phpexecdir/sendmail] is not a valid file [on line 1042 of /var/www/html/horde/imp/compose.php] My webserver configuration Directory /var/www/html/horde/ php_admin_flag safe_mode On php_admin_value upload_tmp_dir /var/www/html/horde/tmp php_admin_value safe_mode_include_dir /usr/share/pear:/var/www/html/horde/ php_admin_value open_basedir .:/usr/share/pear:/var/www/html/horde/ php_admin_value safe_mode_exec_dir /var/www/phpexecdir/ /Directory I have copied sendmail from it's original location to this new one. Any tips?
Re: [PHP] Proper configuration of safe mode
mbneto wrote: Hi Jochem, Thanks for the reply. What is wrong with my openbase_dir setting? I have no idea if there is anything wrong with it - I just missed that you had it at all! (yes I've already read the manual - http://www.php.net/manual/en/features.safe-mode.php http://www.php.net/manual/en/features.safe-mode.php - before posting my first message). Since safe mode will be deprecated what is (will be) the alternative? none (it disappears in php6) - well using CGI/fastCGI and running as the specific user in question is one way (I guess) but I have no experience using them. you will still have: open_basedir disable_functions disable_classes but read this page (again) http://php.net/features.safe-mode, the first paragraph explains why php shouldn't be doing the job safe_mode *tries* to tackle. ask yourself the question as to why you want/need safe_mode. you may be an ISP in which case there is probably good reason to wANt to use it, but realise safe_mode is not designed to protect the server from the outside world but to protect the servers' users from each other. On 7/12/06, *Jochem Maas* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: mbneto wrote: Hi, I'd like to enable safe mode in my current setup but it seems that I am doing something wrong. have a look at the open_base_dir ini setting. IIRC safe_mode is being depreciated and will eventually be phased out. I have configure a webmail (IMP) and I can access my messages fine but when I try to send a new one I get error message in my log Jul 12 15:00:44 HORDE [error] [imp] sendmail [/var/www/phpexecdir/sendmail] is not a valid file [on line 1042 of /var/www/html/horde/imp/compose.php] My webserver configuration Directory /var/www/html/horde/ php_admin_flag safe_mode On php_admin_value upload_tmp_dir /var/www/html/horde/tmp php_admin_value safe_mode_include_dir /usr/share/pear:/var/www/html/horde/ php_admin_value open_basedir .:/usr/share/pear:/var/www/html/horde/ php_admin_value safe_mode_exec_dir /var/www/phpexecdir/ /Directory I have copied sendmail from it's original location to this new one. Any tips? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
