473,760 Members | 10,633 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Disable safe mode without loss of security ?

Hello,

I'm trying to disable safe mode from my php installation. First
because this functionality will be removed in PHP6, and because it's
very restrictive and it's giving me headaches when configuring
frameworks and other applications. Moreover, it's said on the php
website that the safe mode solution is not a good thing... I'm looking
for a tutorial which indicates what to configure on a server in order
to have a secured installation of PHP, but without safe mode. I can't
find it...

Thank you !

May 2 '07 #1
1 3497
I'm trying to disable safe mode from my php installation. First
because this functionality will be removed in PHP6, and because it's
very restrictive and it's giving me headaches when configuring
frameworks and other applications. Moreover, it's said on the php
website that the safe mode solution is not a good thing... I'm looking
for a tutorial which indicates what to configure on a server in order
to have a secured installation of PHP, but without safe mode. I can't
find it...
If you see the documentation of safe mode, you see it starts by saying
this really should be done on the server itself. However, this is
OS-specific, so it is not easy to give any details without knowing the
OS that will run the page.

In general, the web server itself will run as a user that is known to
the OS. This user should be given enough rights to run the site, but too
little rights to do more harm to the system. It mainly comes down to
rights management. The rights can (and should!) be set correctly on the
OS, but can (and should!) be given in the web server as well for the
site users.

One approach is to have a directory for your site that is accessible to
the web server process on OS-level, with a subdirectory in it that is
served, and therefore publicly accessible (called the web root, usually
"htdocs" or "www"). Deny directory browsing and set an index page on the
web server level. Put your library php files outside the web root, so
they can only be called from php, but never directly from a web browser.

Best regards,
--
Willem Bogaerts

Application smith
Kratz B.V.
http://www.kratz.nl/
May 2 '07 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
22
6961
Copying Web Page Content - Disable
by: Matt | last post by:
When browsing a web page a user has the ability to highlight content on a page (by holding down the left mouse button and dragging the mouse over the desired content). Is there a way to disable this option? I assume there isn't but I have to try.
Javascript
2
6196
SAFE MODE,fopen, and chmod
by: Joseph S. | last post by:
Hi all, Consider this case: I have a free php hosting account (a LAMP host) with an account name (also the name of my directory) 'sample'. Under 'sample', I have php scripts which can create files and folders programmatically. I have manually created a directory called 'users' under 'sample' and have given it a chmod 777 successfully. >From my script in 'sample', say myscript.php, I can successfully create any number of files inside...
PHP
8
8418
Session_End and SqlServer Session Mode
by: karahan celikel | last post by:
I realized that when SqlServer mode is used for session management Session_End event is not fired in global.asax. What can I do if I want to do something when a user's session end? Thanks
ASP.NET
11
4860
How many people disable Javascript?
by: matty | last post by:
Hi, I was wondering if there is a known statistic on how many people disable javascript support from their client, and if they do is it intentional or by some default, and when it is intentional what is the reason behind it? For example, I have disabled Flash support and I realize that a lot of sites will just not even check if I support it or not and will just show me a blank page, and they don't see to care/know about it.
Javascript
11
5305
How to disable _SECURE_ATL macro
by: Ejaz ul Haq | last post by:
Dear All, I have upgraded my source code from VS 2003 to VS 2005, and my code is breaking due to the _SECURE_ATL macro in some methods of ATL. As it is executed all the times though there is also a non-secure block of code defined alongwith it. Is there any way of disabling this macro...as mere #define _SECURE_ATL 0, in the stdafx.h or somewhere between the code is not working. Regards,
.NET Framework
3
5047
Disable relative path in php.ini
by: howa | last post by:
As I remember, php has a settings which can disable the PHP codes to open a file like that... <?php echo file_get_contents("../temp/../test.php"); ?>
PHP
7
2445
disable putchar line-wrapping?
by: John den Haan | last post by:
Hello! When I use putchar to fill up an entire screen (of 80x25) with text, it seems to leave an empty line at the end, thus forcing me to scroll upwards in to see the first line. This forces me to repositioning the cursor to the first line, which costs computer power. I know the loss is negligible, but it's more a matter of principle: how to prevent this line-wrapping behaviour? --
C / C++
95
5403
Text-Based Windows Library
by: hstagni | last post by:
Where can I find a library to created text-based windows applications? Im looking for a library that can make windows and buttons inside console.. Many old apps were make like this, i guess ____________________________________ | | | ------------------ | | | BUTTON | | | ...
C / C++
1
5559
HowTo: disable WCF security
by: =?Utf-8?B?aGVyYmVydA==?= | last post by:
Question 1: How do I turn off WCF security to get my apps out the door quickly? Question 2: Where can I find a step by step article/flowchart how to configure WCF security (the WCF books miss this point)? Background: I have a WCF client / WCF host pair running fine on the same machine. Metadata is offered both via basicHttp and netTcp. Services are offered via netTcp. When distributing the WCF client on the intranet, everybody (my...
.NET Framework
0
9521
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9333
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10107
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
9945
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
0
9765
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
6599
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5214
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
1
3863
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
3
3442
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us