On Sun, 6 May 2001, Estelle Martin wrote:

> What do you think about the following configuration:

> 1) safe-mode on: this ensures that a php script can read only files that
> are owned by the same Unix user on the machine; then just check that people
> having a right to use php and mysql on your box all have a different
> corresponding Unix user.

I cannot use it because I need to create files dynamically and
they will have "nobody" as a user. Further executing scripts
have no way to read those files.

> 2) open-basedir: put this parameter for each "php directory" to this
> directory; then the scripts cannot access files that are elsewhere on the
> server
> In Apache httpd.conf it would be like:
> <Directory /path-to-a-php-directory>
>     AddType application/x-httpd-php .php .php4
>     AddType application/x-httpd-php-source .phps
>     php_admin_value open_basedir '/path-to-a-php-directory'
> </Directory>

> Has someone tested it? Do you see a problem in it?

I haven't tested it, however it looks nice and I'll talk to my
server's owner about it. There is however one bad feature of this
method, the administration. For every user and every application
the administrator has to create an entry in httpd.conf. Anyway it's
his/her problem...

Thanks for suggestions!
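
Added example (not part of the original messages, and not either poster's setup): one way to cut the per-user httpd.conf work mentioned above is to generate the <Directory> blocks from a list of directories. The sample paths are constructed, and the trailing slash on open_basedir is an addition to the quoted config.

```python
import posixpath
import re

# Template mirrors the <Directory> block quoted in the thread. The trailing
# slash on open_basedir is an addition: older PHP versions compare the value
# as a string prefix, so '/home/bob' would also permit '/home/bobby'.
BLOCK = """<Directory {path}>
    AddType application/x-httpd-php .php .php4
    AddType application/x-httpd-php-source .phps
    php_admin_value open_basedir '{path}/'
</Directory>
"""

# Whitelist: no quotes, spaces or newlines that could break out of a directive.
SAFE_PATH = re.compile(r"/[A-Za-z0-9._/-]+")


def validate(path):
    """Return the normalized path, or raise ValueError if it is unsafe."""
    if not SAFE_PATH.fullmatch(path):
        raise ValueError(f"unsafe characters in path: {path!r}")
    norm = posixpath.normpath(path)
    # Reject '..', '//' and similar: the admin must pass the canonical form.
    if "//" in path or norm != (path.rstrip("/") or "/"):
        raise ValueError(f"path is not normalized: {path!r}")
    # Reject '/' and top-level directories such as '/home' (too broad).
    if norm.count("/") < 2:
        raise ValueError(f"path is too shallow: {path!r}")
    return norm


def generate(paths):
    """Build the httpd.conf fragment for all directories, one block each."""
    dirs = sorted({validate(p) for p in paths})
    for outer in dirs:
        for inner in dirs:
            # Scripts confined to 'outer' could still read a nested 'inner'.
            if inner != outer and inner.startswith(outer + "/"):
                raise ValueError(f"{inner} is inside {outer}")
    return "\n".join(BLOCK.format(path=d) for d in dirs)


if __name__ == "__main__":
    # Constructed sample layout (hypothetical users and paths).
    print(generate(["/home/alice/public_html", "/home/bob/public_html"]))
```

The output can be written to a separate file and pulled into httpd.conf with an Include directive, so the main configuration is not edited for each new user.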




