|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-10-27 00:58 UTC] rasmus@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Nov 03 15:00:02 2025 UTC |
I keep PHP both as an apache module and as a standalone shell, However, to be responsible, I need safe mode for the apache module and so it's in the .ini file. But when I run the script from a standalone shell from suexec, PHP insists on reading the .ini, going into safe mode, and then setuid's -1, from which there is no recovery. There is no way around this except to compile each version with a separate config-file-path, one path has a config without safe_mode and one does. Scenario: script file has same owner uid as POSIX getuid() script is being executed through a shell (#!/usr/local/bin/php) You cannot specify an alternate config file from the shell invocation when being executed from suexec -- it will keep on reporting, "No input file specified" (which is an entirely separate issue.) There should be an option for the shell not to enter safe-mode, and it could be specified as part of the shell invocation line in the script, (ie #!/usr/local/bin/php --no-safe-mode) I think if some restriction control could be placed in the .ini file to restrict who is allowed to perform that function, that would safe enough. Bram