Tim Traver wrote:
Chris,

I believe that is the reason that the PHP group came up with the open_basedir directive.

The open_basedir prevents you from looking into anything higher than a particular directory tree using PHP.

So, a combination of safe_mode and open_basedir should prevent your script from being able to walk the tree.

Is there some way to get around open_basedir?

Only if you are able to execute commands outside of PHP, which Pablo is.


I didn't think there was, and if there is, then we better post that to the security guys at php, cause that's not good.


Yes, there are many scripts that assume no safe_mode, and therefore do not work. It usually means they are trying to do something a little more powerful with the filesystem, or system commands, and shared hosts don't want random system commands being run on the machines...;)

Am I saying it's perfect? No. I think it should be pretty safe though if implemented correctly.


-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
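
An added example, not part of the original message or of PHP itself: a small audit a host could run to check for the gap named in the reply, where open_basedir is set but PHP can still start commands that run outside it. It assumes the disable_functions directive (not mentioned in the thread) is how command execution is switched off; the names audit_confinement and COMMAND_FUNCTIONS are made up for the example.

```php
<?php
// Added example: audit the running configuration for the gap noted above.
// open_basedir confines PHP's own file functions; programs started through
// the functions below run outside PHP and are not confined by it.
const COMMAND_FUNCTIONS = ['exec', 'shell_exec', 'system', 'passthru',
                           'popen', 'proc_open', 'pcntl_exec'];

// Hypothetical helper: takes the two ini values and returns a list of findings.
function audit_confinement(string $openBasedir, string $disableFunctions): array
{
    $findings = [];

    // open_basedir is a list of directories joined by PATH_SEPARATOR.
    $dirs = array_filter(array_map('trim', explode(PATH_SEPARATOR, $openBasedir)), 'strlen');
    if (count($dirs) === 0) {
        $findings[] = 'open_basedir is empty: file functions can read any path the PHP user can';
    }
    foreach ($dirs as $dir) {
        if ($dir === DIRECTORY_SEPARATOR) {
            $findings[] = 'open_basedir contains the filesystem root, so it confines nothing';
        }
    }

    // disable_functions is a comma-separated list of function names.
    $disabled = array_map('strtolower', array_map('trim', explode(',', $disableFunctions)));
    foreach (COMMAND_FUNCTIONS as $fn) {
        // function_exists() is false for functions this build cannot call,
        // so only functions that are callable and not disabled are reported.
        if (function_exists($fn) && !in_array($fn, $disabled, true)) {
            $findings[] = "$fn() is callable: commands it starts ignore open_basedir";
        }
    }
    return $findings;
}

// Audit the configuration this script is running under.
$findings = audit_confinement(
    (string) ini_get('open_basedir'),
    (string) ini_get('disable_functions')
);
echo $findings ? implode(PHP_EOL, $findings) . PHP_EOL : 'no findings' . PHP_EOL;
```

Run it through the same SAPI and virtual host as the hosted scripts, since both directives can differ between the CLI and the web server configuration.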


