Peter Brodersen wrote: > Well, safe_mode could prevent someone of doing a > shell_exec("cat /home/otheruser/web/config.php"); > open_basedir can't do the same thing. > > Even if open_basedir could restrict the location of the called > executable people could still upload a binary to their own directory.
Sorry for jumping in without reading the whole mammooth thread: Why not unbundle safe_mode_exec_dir from safe_mode and keep it? That way, the obvious stuff gets fixed (although you can still shoot yourself in the foot with stuff like convert or whatever $CMS_OF_THE_DAY might require to run smoothly). Is that feasible? Regards, --ck -- http://www.de-punkt.de [ [EMAIL PROTECTED] ] http://www.stormix.de PHP-Anwendungen sind gefährdet! SQL-Injection, XSS, Session-Angriffe, CSRF, Commandshells, Response Splitting,... böhmische Dörfer? Dann gleich "PHP-Sicherheit" direkt beim Verlag vorbestellen! http://www.php-sicherheit.de/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php