From owner-freebsd-ports@FreeBSD.ORG  Sat Aug 23 11:54:31 2003
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 12D1116A4BF; Sat, 23 Aug 2003 11:54:31 -0700 (PDT)
Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi
	[193.166.133.10])	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 870C043FB1; Sat, 23 Aug 2003 11:54:29 -0700 (PDT)
	(envelope-from eyurtese@bessel.tekniikka.turkuamk.fi)
Received: from localhost (eyurtese@localhost)
	by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id VAA26388;
	Sat, 23 Aug 2003 21:54:28 +0300
Date: Sat, 23 Aug 2003 21:54:28 +0300 (WET)
From: Evren Yurtesen <eyurtese@tekniikka.turkuamk.fi>
To: "Simon L. Nielsen" <simon@FreeBSD.org>
In-Reply-To: <20030823160818.GE391@FreeBSD.org>
Message-ID: <Pine.A41.4.10.10308232151230.17502-100000@bessel.tekniikka.turkuamk.fi>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: freebsd-ports@FreeBSD.org
Subject: Re: safe mode php
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Aug 2003 18:54:31 -0000

Thats right, it might break the people's configurations but yet the point
of that file is having a safe configuration and people who want can relax
it if they want to. Yet people has possibility to choose to upgrade the 
file or not if they are upgrading the server. Also maybe safe mode is not
as safe as it sounds but yet safer than not having at all.

Another question is (eh just to squeze in here)
When a user upload a file, how can I make it sure that only the user in
shell and the web server can read this file? 

Evren
Thanks

On Sat, 23 Aug 2003, Simon L. Nielsen wrote:

> On 2003.08.23 18:13:30 +0300, Evren Yurtesen wrote:
> > I wonder why the safe mode is off in the recommended php.ini file?
> 
> I guess because it comes that way in the PHP distribution.
> 
> > Wouldnt it be nicer to have it on?
> 
> No, since it might break peoples configurations.  Safe mode is not
> really very safe anyway (AFAIR it was discussed on bugtraq some time
> ago)...
> 
> -- 
> Simon L. Nielsen
> FreeBSD Documentation Team
>