Re: [PHP] safe_mode and inclusion of files don't work as documented

> Safe mode is a bad idea. :) It's not safe; it may only have the effect > of making you think you're safe. If you have a particular reason to > use it then maybe it's OK, but just be aware that it will not exist in > future versions of PHP and relying on it is not a good idea. Security, > unfortun

Re: [PHP] safe_mode and inclusion of files don't work as documented

2009/8/31 Nico Sabbi : > Lars Torben Wilson ha scritto: >> Hi Nico, >> >> First the obligatory "safe_mode is deprecated and not recommended" >> speech. . .but I guess you've already seen that in the docs and >> decided to use it anyway. >> > > I read it, but I don't know if I have to interpret it a

Re: [PHP] safe_mode and inclusion of files don't work as documented

Please create a file(.php) and write follow codes for more details. 2009/8/31 Nico Sabbi : > Lars Torben Wilson ha scritto: >> 2009/8/28 Nico Sabbi : >> >>> Hi, >>> I'm testing one of my sites in safe_mode, but I'm experiencing some >>> st

Re: [PHP] safe_mode and inclusion of files don't work as documented

Lars Torben Wilson ha scritto: > 2009/8/28 Nico Sabbi : > >> Hi, >> I'm testing one of my sites in safe_mode, but I'm experiencing some >> strangeness that is not documented. >> >> The settings are: >> in php.ini: >> include_path = >> ".:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/

Re: [PHP] safe_mode and inclusion of files don't work as documented

Lars Torben Wilson ha scritto: > Hi Nico, > > First the obligatory "safe_mode is deprecated and not recommended" > speech. . .but I guess you've already seen that in the docs and > decided to use it anyway. > I read it, but I don't know if I have to interpret it as "php6 wil only work in safe m

Re: [PHP] safe_mode and inclusion of files don't work as documented

2009/8/28 Nico Sabbi : > Hi, > I'm testing one of my sites in safe_mode, but I'm experiencing some > strangeness that is not documented. > > The settings are: > in php.ini: > include_path = > ".:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/" > > in the virtualhost

Re: [PHP] safe_mode and inclusion of files don't work as documented

hack988 hack988 ha scritto: > add this > php_admin_value open_basedir > > done, but it doesn't make a difference: php_admin_value open_basedir "/server/home/nsabbi:/server/home/apache/php4:.:.." *Fatal error*: require_once() [function.require ]: Failed ope

Re: [PHP] safe_mode and inclusion of files don't work as documented

add this php_admin_value open_basedir 2009/8/28 Nico Sabbi : > Hi, > I'm testing one of my sites in safe_mode, but I'm experiencing some > strangeness that is not documented. > > The settings are: > in php.ini: > include_path = > ".:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomp

[PHP] safe_mode and inclusion of files don't work as documented

Hi, I'm testing one of my sites in safe_mode, but I'm experiencing some strangeness that is not documented. The settings are: in php.ini: include_path = ".:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/" in the virtualhost config: php_admin_value safe_mod

Re: [PHP] safe_mode & exec()

On Thu, 2007-09-20 at 16:14 -0400, tedd wrote: > Hi gang: > > Would someone be so kind as to explain to me how one can use exec() > with safe_mode on? http://ca.php.net/manual/en/features.safe-mode.php#ini.safe-mode-exec-dir Cheers, Rob. -- .

[PHP] safe_mode & exec()

Hi gang: Would someone be so kind as to explain to me how one can use exec() with safe_mode on? TIA, Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsu

Re: [PHP] safe_mode

At 3:46 PM -0500 5/22/06, Richard Lynch wrote: On Sat, May 20, 2006 9:34 am, tedd wrote: > 3. Place it in your working directory. NO! Place it in the directory where PHP expects it to be. Not meaning to be argumentative, but I was simply repeating what was stated at: http://www.washington.e

Re: [PHP] safe_mode

On Sat, May 20, 2006 9:34 am, tedd wrote: > 3. Place it in your working directory. NO! Place it in the directory where PHP expects it to be. http://php.net/phpinfo will tell you where that is. In recent Apache/PHP installs, there is an Apache directory to change that, but in older versions, it

Re: [PHP] safe_mode

Safe Mode is one of those things that Systems Administrators don't really want users turning on/off willy-nilly... So it can only get set in php.ini and maybe httpd.conf, almost-for-sure. Check the docs on what can be set where -- There's a nifty chart somewhere on http://php.net On Fri, May 19,

Re: [PHP] safe_mode

What other obvious thing am I not seeing? php.net/ini says that php.ini in the working directory is only used if PHP is run from the command line. For PHP running on the web server, you should edit the system's php.ini file. You can find the location of this file with phpinfo(). Look for "Confi

Re: [PHP] safe_mode

On 5/20/06, tedd <[EMAIL PROTECTED]> wrote: At 9:01 PM -0400 5/19/06, John Hicks wrote: >tedd wrote: >>Hi gang: >> >>Please excuse me for asking another dumb-ass question, but here goes. >> >>I'm finding that setting safe_mode to ON is more difficult than I >>first thought. >> >>In my phpinfo, sa

Re: [PHP] safe_mode

At 9:01 PM -0400 5/19/06, John Hicks wrote: tedd wrote: Hi gang: Please excuse me for asking another dumb-ass question, but here goes. I'm finding that setting safe_mode to ON is more difficult than I first thought. In my phpinfo, safe_mode is set to OFF -snip- You would think the fine m

Re: [PHP] safe_mode

tedd wrote: Hi gang: Please excuse me for asking another dumb-ass question, but here goes. I'm finding that setting safe_mode to ON is more difficult than I first thought. In my phpinfo, safe_mode is set to OFF However, if I try to set it to ON in my ".htaccess" such as: php_value safe_

[PHP] safe_mode

Hi gang: Please excuse me for asking another dumb-ass question, but here goes. I'm finding that setting safe_mode to ON is more difficult than I first thought. In my phpinfo, safe_mode is set to OFF However, if I try to set it to ON in my ".htaccess" such as: php_value safe_mode 1 It do

RE: [PHP] safe_mode + move_upload_file

[snip] I try to use move_upload_file function with safe_mode (with PHP 4.3.10). When I turn the safe_mode off, the function works fine, but when I turn it back to on, the function doesn't work (with no error message). When I read the documentation about safe_mode, I do not see any restriction con

[PHP] safe_mode + move_upload_file

Hi, I try to use move_upload_file function with safe_mode (with PHP 4.3.10). When I turn the safe_mode off, the function works fine, but when I turn it back to on, the function doesn't work (with no error message). When I read the documentation about safe_mode, I do not see any restriction conce

Re: [PHP] PHP safe_mode

On Tue, April 26, 2005 6:48 am, kioto said: > Hi all i have problem with safe_mode i don't understand the logic to > apply to avoid owners > problem with script. > Can you step by step ho to solve ? http://php.net/features.safe-mode may have your answer. Be sure to read the User Contributed note

[PHP] PHP safe_mode

Hi all i have problem with safe_mode i don't understand the logic to apply to avoid owners problem with script. Can you step by step ho to solve ? Thanks so much in advice. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] safe_mode, sym-links and stat

Hi I'm running PHP in safe mode, and have symlinked executables to the execution_dir, that works great. With one exception, it is not possible to check the existence of the files, before executing them. It seems to me that stat / lstat resolves the ownership of the orig executables and safe_mode

Re: [PHP] safe_mode restriction

On Sunday 08 August 2004 17:30, Kevin wrote: > > please show us the output of 'ls -al' of the directories in question. > > Yes, I have seen the permission and its rwx-rwx-rwx i.e 777. The full output showing the owner.group would have been nice. Anyway: > Warning: mkdir(): SAFE MODE Restriction

Re: [PHP] safe_mode restriction

> So after the directories are created, those are the actual permissions that > are on them? Did you actually check this or are you assuming it? If you can, > please show us the output of 'ls -al' of the directories in question. Yes, I have seen the permission and its rwx-rwx-rwx i.e 777. -- PHP

Re: [PHP] safe_mode restriction

On Sunday 08 August 2004 12:00, Kevin wrote: Please do not top post. > Permissions are set to 0777. So after the directories are created, those are the actual permissions that are on them? Did you actually check this or are you assuming it? If you can, please show us the output of 'ls -al' of

Re: [PHP] safe_mode restriction

Permissions are set to 0777. "Jason Wong" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > On Saturday 07 August 2004 20:17, Kevin wrote: > > > I am able to make first two directories i.e 'full1/1' and 'thumb/1'. Script > > do not allow me to make 'full1/1/1' and 'thumb/1/1' too. I al

Re: [PHP] safe_mode restriction

On Saturday 07 August 2004 20:17, Kevin wrote: > I am able to make first two directories i.e 'full1/1' and 'thumb/1'. Script > do not allow me to make 'full1/1/1' and 'thumb/1/1' too. I also have tried > removing umask function. What are the permissions on the directories that you are able to mak

[PHP] safe_mode restriction

Greetings, I need to create some directories on the server using script. My server is having safe _mode 'On'. The script is giving me some warning like this. Warning: mkdir(): SAFE MODE Restriction in effect. The script whose uid is 10029 is not allowed to access /home/httpd/vhosts/***../

[PHP] safe_mode problem

I can't seem to get safe_mode working the way I need it to. I'm trying to allow users to include PEAR from their local webspace without disabling safe_mode. The docs tell me to simply use the safe_mode_include_dir directive, but php does not seem to be using it. Here's my config, set up in

Re: [PHP] safe_mode and file/directory ownership

Jason, safe_mode_gid may indeed be the solution, though it seems to go way too far in relaxing things. It's the functionality of safe_mode that I want ... with the proviso that the web server should be able to read files that it writes. I will not consider turning off safe_mode entirely, any mor

Re: [PHP] safe_mode and file/directory ownership

Take a look at safe_mode_gid, it tells PHP to do safe mode owner checking using the group id rather than user id. safe_mode_gid boolean By default, Safe Mode does a UID compare check when opening files. If you want to relax this to a GID compare, then turn on safe_mode_gid. Whether to use UID

[PHP] safe_mode and file/directory ownership

I've got a script whose configuration creates a storage directory owned by the web server in which files get stored, also owned by the web server. With safe_mode in effect, I'm getting errors like: Warning: file_exists() [function.file-exists]: SAFE MODE Restriction in effect. The script whos

[PHP] safe_mode not working with php-4.3.1

Hi all, Has anyone noticed safe_mode not working correctly with php-4.3.1? Until recently we have been running php-4.2.3 with safe_mode enabled to host a multi-user public web server. Having upgraded to php-4.3.1 I noticed that scripts can now access files on the file system owned by a different

[PHP] safe_mode and include "http://"; question

should PHP with safe_mode enabled allow include-ing of files via http:// or not? The way I read the docs it shouldn't and I would expect it to not allow such includes if it enforces permissions and open_basedir and such. i browsed around on bugs.php.net but cannot find anything revevant. is thi

Re: [PHP] Safe_Mode problem....

Hi Jim, I had the very same strange issue with a cfg var not changing. It worked after using ini_restore(). (I played around with ini_set() before. Did you as well?) I am not sure if it has anything to do with it. It sounds pretty illogical. But PHP ignoring a setting in php.ini sounds illo

Re: [PHP] Safe_Mode problem....

Jim Hatridge wrote: >Can someone give me an idea what next to do? Either how to turn off safe_mode >or a work around on the code. BTW I'm using SuSE 8.0, PHP, and Mysql on a >self-made PI/233. > Jim, If you have changed safe_mode in php.ini and phpinfo() still reports it as on, then I would

[PHP] Safe_Mode problem....

HI all... I'm trying to use "exec" and "unlink" in one of my PHP programs. Here is the code: if (exec ('euro-update.program')) { $result = mysql_query("load data local infile 'euroAUD1.txt' into table Money_AUD") or die ("AUD Load did not work.");

Re: [PHP] safe_mode

Knipe" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, July 12, 2002 12:23 PM Subject: [PHP] safe_mode > Lo all, > > Does anyone have some examples, ideas, or references on how to setup php's > safe_mode operation so that I can provide a reasonably secure

[PHP] safe_mode

Lo all, Does anyone have some examples, ideas, or references on how to setup php's safe_mode operation so that I can provide a reasonably secure environment for hosting php3 and php4 (public web sites, with public users). This is for a public type hosting environment, so I'll definately need to

[PHP] SAFE_MODE + deleting files

Hi, I have enabled the safe mode in a virtual host that uses php in order to try to prevent the user from uploading (via ftp) a php that could sniff around other's people files. Unfortunately I got stucked in a problem. this site uses php to upload and manage some files remotely. The webserver

[PHP] PHP safe_mode and reading /etc/passwd file

I have a little problem... I had to enable the PHP safe_mode, and now I receive this error message when I try to read the passwd file on the server : Warning: SAFE MODE Restriction in effect. The script whose uid is 110 is not allowed to access /etc/passwd owned by uid 0 in /home/sites/home/inc

Re: [PHP] Safe_mode in certain directories

Egan pressed the little lettered thingies in this order... > On Thu, 21 Jun 2001 14:35:50 -0700 (PDT), Rasmus Lerdorf > <[EMAIL PROTECTED]> wrote: > > >If you are using Apache you can set any PHP directive in > >or block by doing something like: > > > > php_admin_flag safe_mode On > > Do tho

Re: [PHP] Safe_mode in certain directories

On Thu, 21 Jun 2001 14:35:50 -0700 (PDT), Rasmus Lerdorf <[EMAIL PROTECTED]> wrote: >If you are using Apache you can set any PHP directive in >or block by doing something like: > > php_admin_flag safe_mode On Do those directives work in .htaccess files too? -- PHP General Mailing List (

Re: [PHP] Safe_mode in certain directories

> How do set only safe_mode = On in certain directories while others are Off. And >vice versa. If you are using Apache you can set any PHP directive in or block by doing something like: php_admin_flag safe_mode On -Rasmus -- PHP General Mailing List (http://www.php.net/) To unsubscr

[PHP] Safe_mode in certain directories

Ey guys!       How do set only safe_mode = On in certain directories while others are Off. And vice versa.   Thank You.

[PHP] safe_mode

If i had safe_mode = On; in php.ini, How do i set to have a certain directory that have safe_mode=Off ?

[PHP] safe_mode and file-uploads

Hello! Where can I find a nice and COMPLETE safe_mode-description? At php.net I haven't found the demanded information. What kind of restrictions do I have relating file-system, /tmpdir, file-uploads and last not least file-permissions of files who are written by apache who is running at nobody:

[PHP] Safe_mode and prepend/append includes

Hi, I have looked at the docs and was not able to find anything covering this subject.

[PHP] safe_mode setup question

Hi! On my webserver I want to switch to enable safe_mode setup, but not for all directories. 1) I have one common directory, in which I have some root-owned files with the header and footer of our lab. I want to allow all users to include these files to easily make them look similar :-) 2)