[EMAIL PROTECTED] wrote: > But where user "fred" can opendir() a directory owned by user "mary" > (underneath the open_basedir), that action doesn't even pass a UID check > if the UIDs are supposed to match in safe mode in order for the action to > be allowed. > > How would an optional GID check help? >
It may, it may not. It works like user/group permission as you know. I don't know what you want to protect :) Do you mean a script with "opendir()" shouldn't allow openning any directory under "open_basedir" if UID does not match? I think it should be allowed. It's perfectly valid to me. What if directory is owned by other user, but there is files owned by the user. Would you like to disallow to list directory? I guess not. You can protect file basis, why do you need other protection for directories under open_basedir? Do you have good reason for this? -- Yasuo Ohgaki > > >>>When in "safe mode" shouldn't PHP check to see if the directory that is >>>about to be opened with a opendir() function has the same UID as the PHP >>>script itself, and fail if the UIDs do not match? >>> >> >> From 4.1.0, optional GID check is available. >> >>Take a look at lastest implementation see if you still have issues. >> >>http://snaps.php.net/ >> >>-- >>Yasuo Ohgaki >> >> > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
