Hi Dne Mon, 4 Oct 2010 14:44:06 +0200 Jörg Sommer <jo...@alea.gnuu.de> napsal(a):
> Hi Michal,
>
> Michal Čihař hat am Mon 04. Oct, 11:41 (+0200) geschrieben:
> > Dne Sun, 3 Oct 2010 00:32:52 +0200
> > Jörg Sommer <jo...@alea.gnuu.de> napsal(a):
> > > + php_admin_flag safe_mode On
> >
> > Safe mode is deprecated as of PHP 5.3.0, so it does not make sense to
> > enable it now.
>
> But it's still available. The deprecation means, you should not rely on
> it, but you can enable it and us it, as long as it's there.
Well it's available right now. But we're already in freeze, so we're
not targeting these changes for squeeze and next release will most
likely come in time when safe mode will be gone from PHP forever.
>
> > > + php_admin_value upload_tmp_dir /tmp
> > > + php_admin_value open_basedir
> > > /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/tmp/
> >
> > I don't like overriding upload_tmp_dir from PHP configuration is a good
> > idea and without that I don't think it is possible to set open_basedir.
>
> What about using a special upload_tmp_dir like
> /var/lib/phpmyadmin/php_upload_dir?
Still not sure about fact, that phpMyAdmin should use some different
settings than rest of the system here.
> > > + php_admin_value disable_functions
> > > exec,passthru,popen,proc_open,shell_exec,system,socket_create,fsockopen,pfsockopen
> >
> > According to documentation "This directive must be set in php.ini For
> > example, you cannot set this in httpd.conf."
>
> No, that's the difference between php_value and php_admin_value. With
> php_admin_value you can set all directives allowed in the global php.ini.
You seem to be right and the PHP documentation is (again)
confusing :-). Added, with exception of proc_open, which can be used by
transformation.
--
Michal Čihař | http://cihar.com | http://blog.cihar.com
signature.asc
Description: PGP signature
