473,398 Members | 2,343 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > disable safe mode without loss of security ?

Join Bytes to post your question to a community of 473,398 software developers and data experts.

Disable safe mode without loss of security ?

Hello,

I'm trying to disable safe mode from my php installation. First
because this functionality will be removed in PHP6, and because it's
very restrictive and it's giving me headaches when configuring
frameworks and other applications. Moreover, it's said on the php
website that the safe mode solution is not a good thing... I'm looking
for a tutorial which indicates what to configure on a server in order
to have a secured installation of PHP, but without safe mode. I can't
find it...

Thank you !

May 2 '07 #1
1 3478
I'm trying to disable safe mode from my php installation. First
because this functionality will be removed in PHP6, and because it's
very restrictive and it's giving me headaches when configuring
frameworks and other applications. Moreover, it's said on the php
website that the safe mode solution is not a good thing... I'm looking
for a tutorial which indicates what to configure on a server in order
to have a secured installation of PHP, but without safe mode. I can't
find it...
If you see the documentation of safe mode, you see it starts by saying
this really should be done on the server itself. However, this is
OS-specific, so it is not easy to give any details without knowing the
OS that will run the page.

In general, the web server itself will run as a user that is known to
the OS. This user should be given enough rights to run the site, but too
little rights to do more harm to the system. It mainly comes down to
rights management. The rights can (and should!) be set correctly on the
OS, but can (and should!) be given in the web server as well for the
site users.

One approach is to have a directory for your site that is accessible to
the web server process on OS-level, with a subdirectory in it that is
served, and therefore publicly accessible (called the web root, usually
"htdocs" or "www"). Deny directory browsing and set an index page on the
web server level. Put your library php files outside the web root, so
they can only be called from php, but never directly from a web browser.

Best regards,
--
Willem Bogaerts

Application smith
Kratz B.V.
http://www.kratz.nl/
May 2 '07 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

22
Copying Web Page Content - Disable
by: Matt | last post by:
When browsing a web page a user has the ability to highlight content on a page (by holding down the left mouse button and dragging the mouse over the desired content). Is there a way to disable...
Javascript
2
SAFE MODE,fopen, and chmod
by: Joseph S. | last post by:
Hi all, Consider this case: I have a free php hosting account (a LAMP host) with an account name (also the name of my directory) 'sample'. Under 'sample', I have php scripts which can create...
PHP
8
Session_End and SqlServer Session Mode
by: karahan celikel | last post by:
I realized that when SqlServer mode is used for session management Session_End event is not fired in global.asax. What can I do if I want to do something when a user's session end? Thanks
ASP.NET
11
How many people disable Javascript?
by: matty | last post by:
Hi, I was wondering if there is a known statistic on how many people disable javascript support from their client, and if they do is it intentional or by some default, and when it is intentional...
Javascript
11
How to disable _SECURE_ATL macro
by: Ejaz ul Haq | last post by:
Dear All, I have upgraded my source code from VS 2003 to VS 2005, and my code is breaking due to the _SECURE_ATL macro in some methods of ATL. As it is executed all the times though there is also...
.NET Framework
3
Disable relative path in php.ini
by: howa | last post by:
As I remember, php has a settings which can disable the PHP codes to open a file like that... <?php echo file_get_contents("../temp/../test.php"); ?>
PHP
7
disable putchar line-wrapping?
by: John den Haan | last post by:
Hello! When I use putchar to fill up an entire screen (of 80x25) with text, it seems to leave an empty line at the end, thus forcing me to scroll upwards in to see the first line. This forces me...
C / C++
95
Text-Based Windows Library
by: hstagni | last post by:
Where can I find a library to created text-based windows applications? Im looking for a library that can make windows and buttons inside console.. Many old apps were make like this, i guess ...
C / C++
1
HowTo: disable WCF security
by: =?Utf-8?B?aGVyYmVydA==?= | last post by:
Question 1: How do I turn off WCF security to get my apps out the door quickly? Question 2: Where can I find a step by step article/flowchart how to configure WCF security (the WCF books miss this...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!