|
|
Posted by Jean-Francois Ortolo on 01/24/06 14:18
Hi all
I need to know, whether or not any or all of those functions, are
being permitted when safe mode is 'On', and the uid/gid of the current
directory, is not the same as uid/gid of the executing php script (
apache/apache as module, no suexec )
Indeed, the current directory has permissions setup such there
shouldn't be any permission error, from a unix/linux point of view. (
Linux/Apache/MySQL server ), i.e.: -rwx---rwx
For any of those functions, may I be allowed to ask for you, to say
me whether the functions above either are permitted, or not:
touch($filename);
$fp = opendir('.');
readdir($gp);
closedir($fp);
And also:
unlink($filename); // ( in the case the uid/gid of the file is the
same as the script's one ( apache/apache ), *and* the uid/gid of the
current directory is not the same. )
In the PHP Manual web site, none of the directory functions appear to
be restricted, however the list is not exhaustive.
For the touch() function, I think I've a doubt, for there's a comment
from a developer on the PHP Manual site, saying this function touch() is
allowed as well, under those conditions.
As for the unlink() function, that's not clear for me, if the uid/gid
to be considered, is either the file's one, or the uid/gid of the
current directory.
Many thanks for all your responses !
Thank you very much.
Best regards.
Jean-Francois Ortolo
Navigation:
[Reply to this message]
|