As you might imagine, offering all
CHAPTER 2 ?– CONFIGURING YOUR EN V IRONMENT 35
users full reign over all PHP??™s functions could open up the possibility for exploiting or
damaging server resources and files. As a safeguard for using PHP on shared servers,
PHP can be run in a restricted, or safe, mode.
Enabling safe mode will disable quite a few functions and various features deemed to
be potentially insecure and thus possibly damaging if they are misused within a local
script. A small sampling of these disabled functions and features includes parse_
ini_file(), chmod(), chown(), chgrp(), exec(), system(), and backtick operators.
Enabling safe mode also ensures that the owner of the executing script matches the
owner of any file or directory targeted by that script. However, this latter restriction in
particular can have unexpected and inconvenient effects because files can often be
uploaded and otherwise generated by other user IDs.
In addition, enabling safe mode opens up the possibility for activating a number of
other restrictions via other PHP configuration directives, each of which is introduced
in this section.
?– Note Due in part to confusion caused by the name and approach of this particular feature, coupled
with the unintended consequences brought about due to multiple user IDs playing a part in creating and
owning various files, PHP??™s safe mode feature has been removed from PHP 6.
Pages:
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116