On Mon, 1 Nov 2004 01:19:54 +0300, Antony Dovgal <[EMAIL PROTECTED]> wrote: > On Sun, 31 Oct 2004 10:46:28 -0800 > Sterling Hughes <[EMAIL PROTECTED]> wrote: > > > I still consider adding such things wrong.... > > Sterling, I still think that you can be right, but I'd > like to hear some arguments. > "This is wrong" or "this is silly" aren't too informative. >
I think the best argument came from Derick > Privilege seperation should be a function of a > webserver, not of a scripting language and therefore we shall not put > hacks in extensions because libraries do not adhere to safe mode. It's > almost certain that one can never put all the necessary checks in the > extension anyway. Speaking as an administrator who would be particularly affected by this situation (I work at a web hosting company that does a fair amount of shared web hosting) I could not agree more. Safemode should not attempt to modify the actions of the underlying libraries. Setting up a solid shared hosting platform takes a lot more than just one PHP option, and if you don't want this functionality in curl on your system, you should remove it from curl. However that is just my 2 cents. -- Adam C. Greenfield <[EMAIL PROTECTED]> -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
