This may or may not help, but very often we run into problems with Typo3 that product the symptoms you describe and it's not safe_mode but the session directory. Typically when we move a site from one machine to another, and say on one machine the apache user is www (the old default) but on the new system the apache user is apache, you'll get permissions errors trying to write PHP session information (which is sometimes written to /var/tmp). If the site we are moving is set up to use www, we simply change the apache user in httpd.conf and then change the permissions on the session directory (which again, could be either /var/tmp or something in /usr/lib).
sean H. Hahn wrote: > Dear mr. Persequers, > Thanks so far. Your answer is relatively clear. I set > > safe_mode_include_dir = "/var/tmp" > > in php.ini, but it had no effect, the errors remain. So I still cannot > access the back end! > > On the other hand, as I said in my first post in this thread, I have two > other websites running with another ISP, using PHP 5.2.3. This ISP > himself sets safe mode on. He does not even support cgi-bin(!), so I > doubt if I am able at all to set safe mode to off. Yet the two websites > run fine there. (But I don't know what would happen if that ISP upgrades > to PHP 5.2.6 or higher). > > I am sorry to say the your suggestions in your last paragraph on > "replacements" for safe mode are far beyond my knowledge of Linix and Unix. > > H. Hahn > > > Xavier Perseguers schreef: > >> Hello, >> >> >>> As an alternative, I made a little script, test_sess_start.php, >>> containing only three lines: >>> >>> <?php >>> session_start(); >>> ?> >>> >>> This resulted in exactly the same errors: >>> >>> *Warning*: session_start() [function.session-start >>> <http://www.cheider.nl/cheider2007/fileadmin/scripts/function.session-start>]: >>> >>> SAFE MODE Restriction in effect. The script whose uid is 1152609 is >>> not allowed to access /var/tmp/ owned by uid 0 in >>> */usr/local/WWW/A/.5c2/p/pels4/htdocs/cheider2007/fileadmin/scripts/test_sess_start.php* >>> >>> on line *2* >>> >> The message is clear: in Safe mode, the script should be the owner of >> the directory in order to be able to either run or write from/to a >> directory. uid 0 is Root, which is a normal owner for /var/tmp. Do not >> try to change this! >> >> According to http://ch2.php.net/features.safe-mode, you should declare >> /var/tmp in safe_mode_include_dir. Now, as it is said, safe mode is >> not a good solution to the security problem and personnaly I >> deactivated it completely for TYPO3 because it causes more problems >> than it solves them. >> >> >>> It actually seems to be a PHP5.2.6 error, or an Apache error, but it >>> is such a nasty error that the T3 BE doesn't work with it. >>> >> As said, you'll have a hard work to let TYPO3 run in safe mode, and >> much more work if you plan to share your TYPO3 sources with many >> website that run under different UID. >> >> You should investigate, whenever possible, other solutions to protect >> your website, such as modsecurity and removing execution right no /tmp >> or any directory accessible trough your scripts. This way nasty >> scripts that may be "uploaded" to your server won't be able to be run. >> In addition, use safe mode only to restrict the list of directories >> that may contain executables but do not enforce UID/GID check. >> >> HTH >> >> > _______________________________________________ > TYPO3-english mailing list > TYPO3-english@lists.netfielders.de > http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english > > -- Sean Fulton GCN Publishing, Inc. Internet Design, Development and Consulting For Today's Media Companies http://www.gcnpublishing.com (203) 665-6211, x203 _______________________________________________ TYPO3-english mailing list TYPO3-english@lists.netfielders.de http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
