ID: 24604
Updated by: [EMAIL PROTECTED]
Reported By: timo dot hummel at 4fb dot de
-Status: Open
+Status: Closed
Bug Type: Documentation problem
Operating System: SuSE Linux 8.2 Linux 2.4.19
PHP Version: Irrelevant
New Comment:
Behavior of move_uploaded_file() with safe_mode is already described.
Functions affected by safe_mode have already a note about safe_mode.
safe_mode_gid is also already documented: "However, there may be
environments where a strict UID check is not appropriate and a relaxed
GID check is sufficient. This is supported by means of the
safe_mode_gid switch. Setting it to On performs the relaxed GID
checking, setting it to Off (the default) performs UID checking."
I suppose that the behavior of safe_mode is not going to change
according proposal 1.
Previous Comments:
------------------------------------------------------------------------
[2004-07-16 15:12:14] bramspam at pandora dot be
This is a pretty old bug, so has this been fixed yet? My webhost is
running a pretty darned old PHP version, but I don't see the point in
bugging them to upgrade of this bug isn't fixed yet ..
------------------------------------------------------------------------
[2004-05-31 09:37:18] real763 at uni dot de
uhm thats not great
ftp doenst work , and CGI is not running, too :(
Warning: ftp_connect() [function.ftp-connect]:
php_network_getaddresses: getaddrinfo failed: Name or service not known
in /home/www/htdocs/myhost.com/bla.php on line 382
@develop: plz upgrade SAFE_MODE : - )
------------------------------------------------------------------------
[2004-03-01 02:31:19] timo dot hummel at 4fb dot de
>It makes no sense to let users create
> a dir and not let them write to it.
Well, that's another thing. It's probably about the umask, however,
most providers and/or distribution builders should take care of this,
but aren't.
------------------------------------------------------------------------
[2004-03-01 02:24:04] soenke at regelt dot com
safe_mode_gid should be a workaround for this.
@Developers: Please let us know your plans about this issue.
--
Soenke
------------------------------------------------------------------------
[2004-01-29 18:26:33] rlammers at angelfire dot com
The simplest way to let users do anything on my website is by creating
a subdir for them to separate their actions from others.
Now my webhost has turned safe_mode on and the only work-around is to
let the ftp-pasword lying around in a script file. Nice security that
is!.
Please fix this (imho major) bug. It makes no sense to let users create
a dir and not let them write to it.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/24604
--
Edit this bug report at http://bugs.php.net/?id=24604&edit=1
