[PHP-DOC] cvs: phpdoc /en/chapters config.xml /en/features safe-mode.xml

Mon, 20 May 2002 09:21:58 -0700 

mfischer                Mon May 20 12:38:40 2002 EDT

  Modified files:              
    /phpdoc/en/features safe-mode.xml 
    /phpdoc/en/chapters config.xml 
  Log:
  - Add documentation for safe_mode_gid and safe_mode_include_dir (closes #16691).
  
  
Index: phpdoc/en/features/safe-mode.xml
diff -u phpdoc/en/features/safe-mode.xml:1.24 phpdoc/en/features/safe-mode.xml:1.25
--- phpdoc/en/features/safe-mode.xml:1.24       Sat May 11 16:29:49 2002
+++ phpdoc/en/features/safe-mode.xml    Mon May 20 12:38:35 2002
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.24 $ -->
+<!-- $Revision: 1.25 $ -->
  <chapter id="features.safe-mode">
   <title>Safe Mode</title>
 
@@ -11,19 +11,67 @@
    especially ISP's, use safe mode for now. 
   </para>
   <para>
-   The configuration directives that control safe mode are: 
-   <programlisting role="ini">
-<![CDATA[
-safe_mode = Off 
-safe_mode_gid = 0
-safe_mode_include_dir =
-safe_mode_exec_dir = 
-open_basedir = 
-safe_mode_allowed_env_vars = PHP_ 
-safe_mode_protected_env_vars = LD_LIBRARY_PATH 
-disable_functions = 
-]]>
-   </programlisting>
+   <table>
+    <title>Configuration directives controlling safe mode are:</title>
+    <tgroup cols="2">
+     <thead>
+      <row>
+       <entry>Directive</entry>
+       <entry>Default value</entry>
+      </row>
+     </thead>
+     <tbody>
+      <row>
+       <entry>
+        <link linkend="ini.safe-mode">safe_mode</link>
+       </entry>
+       <entry><literal>Off</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <link linkend="ini.safe-mode-gid">safe_mode_gid</link>
+       </entry>
+       <entry><literal>0</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <link linkend="ini.safe-mode-include-dir">safe_mode_include_dir</link>
+       </entry>
+       <entry><literal>""</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <link linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>
+       </entry>
+       <entry><literal>1</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <link linkend="ini.open-basedir">open_basedir</link>
+       </entry>
+       <entry><literal>""</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <literal>safe_mode_allowed_env_vars</literal>
+       </entry>
+       <entry><literal>PHP_</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <literal>safe_mode_protected_env_vars</literal>
+       </entry>
+       <entry><literal>LD_LIBRARY_PATH</literal></entry>
+      </row>
+      <row>
+       <entry>
+        <literal>disable_functions</literal>
+       </entry>
+       <entry><literal>""</literal></entry>
+      </row>
+     </tbody>
+    </tgroup>
+   </table>
   </para>
   <para>
    When <link linkend="ini.safe-mode">safe_mode</link> is on, PHP checks to see 
@@ -50,6 +98,15 @@
 allowed to access /etc/passwd owned by uid 0 in /docroot/script.php on line 2
 ]]>
    </screen>
+  </para>
+  <para>
+   However, there may be environments where a strict <literal>UID</literal>
+   check is not appropriate and a relaxed <literal>GID</literal> check is
+   sufficient.  This is supported by means of the <link
+   linkend="ini.safe-mode-gid">safe_mode_gid</link> switch. Setting it to
+   <literal>On</literal> performs the relaxed <literal>GID</literal> checking,
+   setting it to <literal>Off</literal> (the default) performs
+   <literal>UID</literal> checking.
   </para>
   <para>
    If instead of <link linkend="ini.safe-mode">safe_mode</link>, you set an 
Index: phpdoc/en/chapters/config.xml
diff -u phpdoc/en/chapters/config.xml:1.52 phpdoc/en/chapters/config.xml:1.53
--- phpdoc/en/chapters/config.xml:1.52  Fri May 10 09:26:33 2002
+++ phpdoc/en/chapters/config.xml       Mon May 20 12:38:40 2002
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.52 $ -->
+<!-- $Revision: 1.53 $ -->
  <chapter id="configuration">
   <title>Configuration</title>
 
@@ -845,6 +845,21 @@
       </listitem>
      </varlistentry>
 
+     <varlistentry id="ini.safe-mode-gid">
+      <term>
+       <parameter>safe_mode_gid</parameter>
+       <type>boolean</type>
+      </term>
+      <listitem>
+       <para>
+        Whether to use <literal>UID</literal> (<literal>Off</literal>) or
+        <literal>GID</literal> (<literal>On</literal>) checking upon file
+        access. See <link linkend="features.safe-mode">Safe Mode</link> for
+        more information.
+       </para>
+      </listitem>
+     </varlistentry>
+
      <varlistentry id="ini.safe-mode-exec-dir">
       <term>
        <parameter>safe_mode_exec_dir</parameter>
@@ -855,6 +870,21 @@
         If PHP is used in safe mode, <function>system</function> and
         the other functions executing system programs refuse to start
         programs that are not in this directory.</para>
+      </listitem>
+     </varlistentry>
+
+     <varlistentry id="ini.safe-mode-include--dir">
+      <term>
+       <parameter>safe_mode_include_dir</parameter>
+       <type>string</type>
+      </term>
+      <listitem>
+       <para>
+        <literal>UID</literal>/<literal>GID</literal> checks are bypassed when
+        including files from this directory and its subdirectories (directory
+        must also be in <link linkend="ini.include-path">include_path</link>
+        or full path must including).
+       </para>
       </listitem>
      </varlistentry>

Reply via email to