Posted by Michael Fesser on 01/03/08 05:19

..oO(Jerry Stuckle)

>Michael Fesser wrote:
>> There are reasons for running PHP as CGI/FastCGI, especially on a shared
>> server, where security should be more important than performance. And on
>> an Apache the $_SERVER['DOCUMENT_ROOT'] is available even with PHP/CGI.
>
>With correct configuration of the virtual host, PHP is secure, even as a
>module.
>
>But some hosts just don't know how to configure it properly.

I was not referring to safe_mode, open_basedir or similar restrictions
(an enabled safe_mode for example would be a reason for _me_ to change
host), but to the execution of scripts under the name and with the
permissions of the script owner.

Micha

• Next in forum: Variable value gets rounded off
• Prev in forum: Re: PHP5 and class inheritance question
• Thread view: Re: Relative paths in require_once problem (possibly all include routines)

[Reply to this message]