IMHO There is no reason to use chroot in safe_mode, and it should be disabled.
As far as webservers running as root, potentially any webserver could, though you
are probably right that some do by default.
Think of the potential hazard of a multi-threaded
webserver....
This is another dangerous system call for the web environment, and really should be
disabled if SAPI!=cgi
-Jason
----- Original Message -----
From: "Jeroen van Wolffelaar" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: "PHP Developers Mailing List" <[EMAIL PROTECTED]>
Sent: Monday, August 20, 2001 2:01 PM
Subject: Re: [PHP-DEV] chroot(): _not_ safe-mode restricted?
> > > As I read it in CVS, chroot() will work even in safe-mode. Isn't this a
> bad
> > > idea(tm), or am I wrong?
> > > If users can chroot in safe-mode, Apache won't serve any more pages
> after
> > > all children have been chrooted to an empty dir?
> >
> > uhm, where have you read that? [ curious ]
>
>
> I just reasoned what could happen. if you chroot a child, I couldn't see a
> reason why it'd get respawned (since it doesn't die), but it will become a
> useless child, I guessed.
>
> > nope, cause it will run as apache user, and you have to be root to
> chroot().
>
> I believe there are webservers which are run as root, or not? If that is the
> case, chroot should be disabled in safe-mode IMHO, or better, disabled in
> webserver envirment.
>
> Currently the docs say that it is not *wise* to use it in webserver-env, not
> that is impossible. That's why I questioned safe-mode restrictions here.
>
> > -- teodor
> Jeroen
>
>
> --
> PHP Development Mailing List <http://www.php.net/>
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
