SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: php Safe Mode?

  1. #1
    Bored One boredboi's Avatar
    Join Date
    Jul 2000
    Posts
    238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What is the difference if the php option Safe Mode is enabled in the server?

    Would this disable the use of fopen() or file(), to get files from pages not in my directory?

  2. #2
    SitePoint Evangelist
    Join Date
    Jul 2000
    Location
    Warwickshire, England
    Posts
    557
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    For more specs read http://www.php.net/manual/phpfi2.html#safemode

    "Simply put, if a file is either owned by the same user id as the script that is trying to access it, or if the file is in a directory that is owned by the same user as the script that is trying to access it, then the access is allowed."

    ...

    "Safe Mode applies to each function which could possibly be a security risk. Below is the current list of checks applied to each relevant function."

    ...

    "Include, ReadFile, Fopen, File, Link, Unlink, Symlink, Rename, RmDir, ChMod, ChOwn, ChGrp, Exec, System, PassThru and Popen"

    "Executables to be forked and executed must reside in the directory defined by the PHP_SAFE_MODE_EXEC_DIR #define in php.h when PHP is compiled."

    It also mentions some mysql functions and HTTP auths.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •