I recall that discussion now that you mentioned it. Thanks for the info. Trev.
> -----Original Message----- > From: Charlie Brady [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 14, 2002 4:40 PM > To: Trevor Ouellette > Cc: [EMAIL PROTECTED] > Subject: Re: [e-smith-devinfo] PHP and Events > The short answer is no. PHP scripts are interpreted inside the > web server, > so run with the user and group id of the web-server, i.e. www. And 'www' > doesn't have permission to do anything privileged. The manager > scripts can > do privileged things because they are setuid scripts, and run as 'root'. > > There was some discussion about running PHP in the admin web server a few > weeks ago where I discussed some of the security implications. -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
