Hi all, Has anyone noticed safe_mode not working correctly with php-4.3.1?
Until recently we have been running php-4.2.3 with safe_mode enabled to host a multi-user public web server. Having upgraded to php-4.3.1 I noticed that scripts can now access files on the file system owned by a different UID/GID, which is supposed to be prohibited in safe_mode. If I switch back to php-4.2.3, I get safe_mode restrictions as expected. get_ini('safe_mode') shows that safe_mode is correctly enabled for php-4.3.1. Am I missing something with php-4.3.1, or should I stick with php-4.2.3? -- Stephen Grier Systems Developer Computing Services Queen Mary, University of London -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php