LinuxSA Mailing list archives

Index: [thread] [date] [subject] [author]
  From: Alan Kennington <akenning@dog.topology.org>
  To  : Geoffrey D. Bennett <g@netcraft.com.au>
  Date: Thu, 6 Jan 2000 19:42:31 +101800

Re: php3 configuration and mutt/pgp configuration

Geoffrey,

It works!!

Obviously the line 

================================
AddType application/x-httpd-php3 .php3  
================================

can have both Directory and VirtualHost scope,
whereas the lines 

================================
php3_engine     on 
php3_safe_mode  on
php3_doc_root   /home2/dog/tesol/www/php3/
================================

seem to be only able to recognize
VirtualHost scope.
I guess all AddType commands must recognize
Directory scope as a general rule, independent
of whether it is PHP3 or not.

I've now verified that the scopes work 
precisely like this, and this therefore
solves the immediate problem of restricting
PHP3 scripts to directories over which I have
control. Obviously this is important if you've
got other people writing stuff for virtual sites
that you are hosting.

New question 1:

What does "php3_safe_mode" do?
The documentation for PHP3 doesn't seem
to say. Here's the explanation they give:

======================================
safe_mode boolean

     Whether to enable PHP's safe mode. 
======================================

This reminds me of the joke about the lost
aeroplane which finds its way from useless
information provided by an MS employee....
("You're in an aeroplane." etc.)

The other bit of explanation seems to be wrong:

======================================
safe_mode_exec_dir string

     If PHP is used in safe mode, system() and 
the other functions executing system programs 
refuse to start programs that are not in this directory. 
=====================================

In fact, the directory safe_mode_exec_dir also
applies to _any_ file that is to be opened.
At least I couldn't open any file for appending
if it was outside this directory.

New question 2:

How would _you_ configure PHP3 to be safe if
you want someone else to have free rein over
a virtual host, except for one sub-directory?
In particular, would you turn on
"safe_mode"? I can't work out if it's worth having
without using "safe_mode_exec_dir" also.

---------------------------------
By the way, giving a talk on PHP3 was
a Good Idea (TM) in my opinion. A good
choice of topic.
When I look back at the old Perl/CGI script
which I have just converted to PHP3, I am amazed
by how completely incomprehensible and 
unmaintainable it is. Changing to PHP3 is a very
good move. I'm looking forward to linking up to
PostgreSQL with PHP3 now. Should be good...

Cheerio, and thanks for the PHP3 intro talk,
Alan Kennington.

--------------------------------------------------------------------
   name: Dr. Alan Kennington
 e-mail: akenning@dog.topology.org
website: http://topology.org/
   city: Adelaide, South Australia
 coords: 34.89744 S, 138.58970 E
pgp-key: http://topology.org/key_ak2.asc
company: Topology Technology Australia Pty. Ltd.
    ACN: 090 599 152
website: http://topoz.com/
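
Added example, not part of the original message: one way to lay out the Apache configuration the message describes, with the php3_* lines at VirtualHost scope and AddType limited to the one directory. The address, ServerName, DocumentRoot and the AllowOverride line are assumptions not taken from the message; AllowOverride None is included because AddType can otherwise be set from a .htaccess file when FileInfo overrides are allowed.

```apache
# Constructed example. 192.0.2.10 and www.example.org are placeholders.
<VirtualHost 192.0.2.10>
    ServerName www.example.org

    # Assumed document root: the parent of the php3 directory
    # named in the message.
    DocumentRoot /home2/dog/tesol/www

    # PHP3 settings at VirtualHost scope, as quoted in the message.
    php3_engine     on
    php3_safe_mode  on
    php3_doc_root   /home2/dog/tesol/www/php3/

    # Assumption, not in the message: ignore .htaccess files across
    # the site, so that whoever maintains the rest of the virtual host
    # cannot add their own AddType mapping for .php3 files.
    <Directory /home2/dog/tesol/www>
        AllowOverride None
    </Directory>

    # Map .php3 to the PHP3 handler only in the directory the
    # administrator controls. With no server-wide AddType for .php3,
    # files with that extension elsewhere are not handed to PHP3.
    <Directory /home2/dog/tesol/www/php3>
        AddType application/x-httpd-php3 .php3
    </Directory>
</VirtualHost>
```

This layout only restricts execution if no AddType for .php3 exists at server level; a .php3 file placed outside the mapped directory is then served as an ordinary file rather than executed, so its source is readable by visitors.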

