[Fwd: [PHP3] So called safe mode]
Archiv Mailingliste php_(at)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: [PHP3] So called safe mode]

Ich glaube, der Beitrag aus dem Anhang aus der php3-Liste beschreibt
genau mein Problem. 

Vorher hatte ich meinen Support angeschrieben:

> > I am told that php3 runs as a specific user and perl as another; the
> > right of this user "perl" are sufficient to do everything
> > imaginable, but the right of user "php" not. This can be changed in
> > "httpd.conf".
> No it can't.  We have php installed as an apache module, not as a cgi
> script, so it can only run as nobody.
> > 
> > Where can I find this file (I couldn't find it yet), how do I
> > configure the entry in this file?
> > 
> You don't have access, only root can make changes there.
> John V.
> support

Ich kann keine einzige Datei lesen, es sei denn in meinem
Test-Verzeichnis, das 777 Rechte hat und in dem ich meine Dateien
selber angelegt habe. 

??? Das kann es doch nicht sein! Da muß ich doch wieder zu Perl
zurück! Oder wie? Warum kann ich mit include oder require Dateien
einbinden, sobald ich aber eine Datei in eine Variable lesen will,
geht es nicht?

<absolut verwirrt>

Mit freundlichem Gruss
Werner Stuerenburg

ISIS  Gesellschaft fuer Softwareentwicklung und -vertrieb mbH
Webdesign - Uhlandstr. 8  -  D-32120 Hiddenhausen  -  Germany
Tel. 0(049)5224-9974-07, Fax-09,  <mailto:ws_(at)>
-  <>  -  <>  -

---- Begin included message ----
Safe mode can be a pain.

My apache web server runs as "nobody" and the files are owned by "web" -
very sensible - we don't want CGI's to be able to modify the web files!!

Trouble is, and files created by PHP are owned by nobody... which then
php refuses to open because the php programs are owned by web!

The only solutions are to disable safe mode, or to have the php scripts
owned by nobody - neither is ideal.

I think we need a httpd.conf/php3.ini ONLY configuartion directive to
list UID's not to be included in the safe mode test; thus I could say
that for my web, scripts in a web can always open files owned by nobody.

I know that it will be OK if user "web" owns the folder in which the
file exists, but we don't really want a seperate temporary folder for
each user that owns php scripts.


PHP 3 Mailing List (
To unsubscribe, send an empty message to php3-unsubscribe_(at)
To subscribe to the digest, e-mail: php3-digest-subscribe_(at)
To search the mailing list archive, go to:
To contact the list administrators, e-mail: php-list-admin_(at)

---- End included message ----

Home | Main Index | Thread Index

php::bar PHP Wiki   -   Listenarchive