ID: 29805
Updated by: [EMAIL PROTECTED]
Reported By: michaelw at webcentral dot com dot au
-Status: Open
+Status: Feedback
Bug Type: iPlanet related
Operating System: Solaris 9
PHP Version: 4.3.8
Assigned To: thetaphi
New Comment:
Two things you can do at this time, the remove of the safe_mode
security check for NSAPI is under discussion:
a) Remove the "if" clause from nsapi.c:
php_handle_auth_data(pblock_findval("authorization", rq->headers)
TSRMLS_CC);
b) Disable Safe-Mode only for this application. With NSAPI you can do
this in vserver.obj.conf:
* Create a new Style in Server Manager and assign this style to the
PHPMyAdmin directory
* Change the obj.conf in that style (<Object name="bla">) and add the
php4_execute-service as in the "default" object; but add a safe_mode=0
to the end of the line (this is an additional php.ini value)
Previous Comments:
------------------------------------------------------------------------
[2004-09-22 11:23:30] michaelw at webcentral dot com dot au
Ok, the new CVS release works correctly if safe_mode is disabled.
However, if safe_mode is enabled, there does not appear to be any way
to get authentication information.
This presents a problem for me, at least, as in my environment I need
to run PHPMyAdmin (using HTTP authentication) with safe_mode turned on.
Is there some method for obtaining authentication information whilst
running under safe mode ?
------------------------------------------------------------------------
[2004-09-22 00:02:36] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php4-STABLE-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
Snapshots with this patch are available now.
------------------------------------------------------------------------
[2004-09-15 23:55:58] [EMAIL PROTECTED]
Sorry, you cannot take the PHP4 latest stable snapshot now, because it
is frozen (release of 4.3.9) and this bug is not critical. After
release of 4.3.9 this is fixed in CVS.
------------------------------------------------------------------------
[2004-09-15 23:33:11] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php4-STABLE-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
For newer servers (SunONE 6.0) leave out the php4_auth_trans directive
in *.obj.conf, it works without!
------------------------------------------------------------------------
[2004-09-14 03:59:41] michaelw at webcentral dot com dot au
Hi,
Just wondering if you've found time to look at this ?
Regards,
Michael Ward.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/29805
--
Edit this bug report at http://bugs.php.net/?id=29805&edit=1
