> > Wouldn't they still be able to overwrite each other? > I don't think I expressed myself clearly. The point of the > protection is > to keep the scripts from overwriting each other on purpose. It was a > protection that would make it posible to upload scripts, even if you > were not completly sure they were safe. >
So, you are concerned that someone will write a script that when RUN could purposely overwrite some other files. If I had people uploading their own code to my server, I would be concerned as well. In fact, 'concerned' is not quite a strong enough word. As far as I know, when the uploaded script runs, it will have all the same permissions that the user the webserver runs as has. So there would be no (easy) way to control the possibility that it will overwrite files, add records to your database, launch an attack on another host, send 100,000 spam messages to the whitehouse, download porn and email it to your minister, etc, etc, etc... JM -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
