Safe mode is a bad idea. :) It's not safe; it may only have the effect
of making you think you're safe. If you have a particular reason to
use it then maybe it's OK, but just be aware that it will not exist in
future versions of PHP and relying on it is not a good idea. Security,
Lars Torben Wilson ha scritto:
Hi Nico,
First the obligatory safe_mode is deprecated and not recommended
speech. . .but I guess you've already seen that in the docs and
decided to use it anyway.
I read it, but I don't know if I have to interpret it as php6 wil only
work in safe mode or
Lars Torben Wilson ha scritto:
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
Please create a file(.php) and write follow codes for more details.
?php
phpinfo();
?
2009/8/31 Nico Sabbi nsa...@officinedigitali.it:
Lars Torben Wilson ha scritto:
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one
2009/8/31 Nico Sabbi nsa...@officinedigitali.it:
Lars Torben Wilson ha scritto:
Hi Nico,
First the obligatory safe_mode is deprecated and not recommended
speech. . .but I guess you've already seen that in the docs and
decided to use it anyway.
I read it, but I don't know if I have to
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
.:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/
in the virtualhost config:
php_admin_value safe_mode
add this
php_admin_value open_basedir
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
hack988 hack988 ha scritto:
add this
php_admin_value open_basedir
done, but it doesn't make a difference:
php_admin_value open_basedir
/server/home/nsabbi:/server/home/apache/php4:.:..
*Fatal error*: require_once() [function.require
http://nsabbi/login/function.require]: Failed opening
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
.:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/
in
Hi gang:
Would someone be so kind as to explain to me how one can use exec()
with safe_mode on?
TIA,
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
On Thu, 2007-09-20 at 16:14 -0400, tedd wrote:
Hi gang:
Would someone be so kind as to explain to me how one can use exec()
with safe_mode on?
http://ca.php.net/manual/en/features.safe-mode.php#ini.safe-mode-exec-dir
Cheers,
Rob.
--
Safe Mode is one of those things that Systems Administrators don't
really want users turning on/off willy-nilly...
So it can only get set in php.ini and maybe httpd.conf, almost-for-sure.
Check the docs on what can be set where -- There's a nifty chart
somewhere on http://php.net
On Fri, May
On Sat, May 20, 2006 9:34 am, tedd wrote:
3. Place it in your working directory.
NO!
Place it in the directory where PHP expects it to be.
http://php.net/phpinfo
will tell you where that is.
In recent Apache/PHP installs, there is an Apache directory to change
that, but in older versions, it
At 3:46 PM -0500 5/22/06, Richard Lynch wrote:
On Sat, May 20, 2006 9:34 am, tedd wrote:
3. Place it in your working directory.
NO!
Place it in the directory where PHP expects it to be.
Not meaning to be argumentative, but I was simply repeating what was stated at:
At 9:01 PM -0400 5/19/06, John Hicks wrote:
tedd wrote:
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I
first thought.
In my phpinfo, safe_mode is set to OFF
-snip-
You would think the fine
On 5/20/06, tedd [EMAIL PROTECTED] wrote:
At 9:01 PM -0400 5/19/06, John Hicks wrote:
tedd wrote:
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I
first thought.
In my phpinfo, safe_mode is set to
What other obvious thing am I not seeing?
php.net/ini says that php.ini in the working directory is only
used if PHP is run from the command line.
For PHP running on the web server, you should edit the
system's php.ini file. You can find the location of this file
with phpinfo(). Look for
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I
first thought.
In my phpinfo, safe_mode is set to OFF
However, if I try to set it to ON in my .htaccess such as:
php_value safe_mode 1
It
tedd wrote:
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I first
thought.
In my phpinfo, safe_mode is set to OFF
However, if I try to set it to ON in my .htaccess such as:
php_value
Hi,
I try to use move_upload_file function with safe_mode (with PHP 4.3.10).
When I turn the safe_mode off, the function works fine, but when I turn it
back to on, the function doesn't work (with no error message).
When I read the documentation about safe_mode, I do not see any
restriction
[snip]
I try to use move_upload_file function with safe_mode (with PHP 4.3.10).
When I turn the safe_mode off, the function works fine, but when I turn it
back to on, the function doesn't work (with no error message).
When I read the documentation about safe_mode, I do not see any
restriction
Hi all i have problem with safe_mode i don't understand the logic to
apply to avoid owners
problem with script.
Can you step by step ho to solve ?
Thanks so much in advice.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Tue, April 26, 2005 6:48 am, kioto said:
Hi all i have problem with safe_mode i don't understand the logic to
apply to avoid owners
problem with script.
Can you step by step ho to solve ?
http://php.net/features.safe-mode
may have your answer.
Be sure to read the User Contributed notes.
Hi
I'm running PHP in safe mode, and have symlinked executables to the
execution_dir, that works great. With one exception, it is not
possible to check the existence of the files, before executing them.
It seems to me that stat / lstat resolves the ownership of the orig
executables and safe_mode
On Sunday 08 August 2004 17:30, Kevin wrote:
please show us the output of 'ls -al' of the directories in question.
Yes, I have seen the permission and its rwx-rwx-rwx i.e 777.
The full output showing the owner.group would have been nice. Anyway:
Warning: mkdir(): SAFE MODE Restriction in
So after the directories are created, those are the actual permissions
that
are on them? Did you actually check this or are you assuming it? If you
can,
please show us the output of 'ls -al' of the directories in question.
Yes, I have seen the permission and its rwx-rwx-rwx i.e 777.
--
PHP
Greetings,
I need to create some directories on the server using script. My server is
having safe _mode 'On'. The script is giving me some warning like this.
Warning: mkdir(): SAFE MODE Restriction in effect. The script whose uid is
10029 is not allowed to access
On Saturday 07 August 2004 20:17, Kevin wrote:
I am able to make first two directories i.e 'full1/1' and 'thumb/1'. Script
do not allow me to make 'full1/1/1' and 'thumb/1/1' too. I also have tried
removing umask function.
What are the permissions on the directories that you are able to make?
Permissions are set to 0777.
Jason Wong [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
On Saturday 07 August 2004 20:17, Kevin wrote:
I am able to make first two directories i.e 'full1/1' and 'thumb/1'.
Script
do not allow me to make 'full1/1/1' and 'thumb/1/1' too. I also have
On Sunday 08 August 2004 12:00, Kevin wrote:
Please do not top post.
Permissions are set to 0777.
So after the directories are created, those are the actual permissions that
are on them? Did you actually check this or are you assuming it? If you can,
please show us the output of 'ls -al' of
I can't seem to get safe_mode working the way I need it to. I'm
trying to allow users to include PEAR from their local webspace
without disabling safe_mode. The docs tell me to simply use the
safe_mode_include_dir directive, but php does not seem to be using
it. Here's my config, set up in
Jason,
safe_mode_gid may indeed be the solution, though it seems to go way too
far in relaxing things.
It's the functionality of safe_mode that I want ... with the proviso
that the web server should be able to read files that it writes.
I will not consider turning off safe_mode entirely, any
I've got a script whose configuration creates a storage directory owned
by the web server in which files get stored, also owned by the web
server. With safe_mode in effect, I'm getting errors like:
Warning: file_exists() [function.file-exists]: SAFE MODE Restriction in effect. The
script
Take a look at safe_mode_gid, it tells PHP to do safe mode owner
checking using the group id rather than user id.
safe_mode_gid boolean
By default, Safe Mode does a UID compare check when opening files. If
you want to relax this to a GID compare, then turn on safe_mode_gid.
Whether to use UID
Hi all,
Has anyone noticed safe_mode not working correctly with php-4.3.1?
Until recently we have been running php-4.2.3 with safe_mode enabled to
host a multi-user public web server. Having upgraded to php-4.3.1 I
noticed that scripts can now access files on the file system owned by a
different
should PHP with safe_mode enabled allow include-ing of files via http://
or not? The way I read the docs it shouldn't and I would expect it to
not allow such includes if it enforces permissions and open_basedir and
such.
i browsed around on bugs.php.net but cannot find anything revevant. is
Hi Jim,
I had the very same strange issue with a cfg var not changing.
It worked after using ini_restore(). (I played around with
ini_set() before. Did you as well?)
I am not sure if it has anything to do with it. It sounds pretty
illogical. But PHP ignoring a setting in php.ini sounds
HI all...
I'm trying to use exec and unlink in one of my PHP programs. Here is the
code:
if (exec ('euro-update.program'))
{
$result = mysql_query(load data local infile 'euroAUD1.txt' into
table Money_AUD) or die (AUD Load did not work.);
Jim Hatridge wrote:
Can someone give me an idea what next to do? Either how to turn off safe_mode
or a work around on the code. BTW I'm using SuSE 8.0, PHP, and Mysql on a
self-made PI/233.
Jim,
If you have changed safe_mode in php.ini and phpinfo() still reports it
as on, then I would
-
From: Chris Knipe [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 12, 2002 12:23 PM
Subject: [PHP] safe_mode
Lo all,
Does anyone have some examples, ideas, or references on how to setup php's
safe_mode operation so that I can provide a reasonably secure environment
for
hosting
Lo all,
Does anyone have some examples, ideas, or references on how to setup php's
safe_mode operation so that I can provide a reasonably secure environment for
hosting php3 and php4 (public web sites, with public users).
This is for a public type hosting environment, so I'll definately need to
Hi,
I have enabled the safe mode in a virtual host that
uses php in order to try to prevent the user from
uploading (via ftp) a php that could sniff around
other's people files.
Unfortunately I got stucked in a problem. this site
uses php to upload and manage some files remotely.
The webserver
I have a little problem... I had to enable the PHP safe_mode, and
now I receive this error message when I try to read the passwd file
on the server :
Warning: SAFE MODE Restriction in effect. The script whose uid is
110 is not allowed to access /etc/passwd owned by uid 0 in
/home/sites/home/inc
On Thu, 21 Jun 2001 14:35:50 -0700 (PDT), Rasmus Lerdorf
[EMAIL PROTECTED] wrote:
If you are using Apache you can set any PHP directive in Directory ...
or VirtualHost ... block by doing something like:
php_admin_flag safe_mode On
Do those directives work in .htaccess files too?
--
PHP
Egan pressed the little lettered thingies in this order...
On Thu, 21 Jun 2001 14:35:50 -0700 (PDT), Rasmus Lerdorf
[EMAIL PROTECTED] wrote:
If you are using Apache you can set any PHP directive in Directory ...
or VirtualHost ... block by doing something like:
php_admin_flag
Ey guys!
How do set only safe_mode = On
in certain directories while others are Off. And vice versa.
Thank You.
How do set only safe_mode = On in certain directories while others are Off. And
vice versa.
If you are using Apache you can set any PHP directive in Directory ...
or VirtualHost ... block by doing something like:
php_admin_flag safe_mode On
-Rasmus
--
PHP General Mailing List
If i had safe_mode = On; in php.ini, How do i set
to have a certain directory that have safe_mode=Off ?
Hello!
Where can I find a nice and COMPLETE safe_mode-description?
At php.net I haven't found the demanded information.
What kind of restrictions do I have relating file-system, /tmpdir,
file-uploads and last not least file-permissions of files who are written
by apache who is running at
49 matches
Mail list logo