safe mode

[cwfie]

Hi Y'all,

I was wondering if anybody knows an alternative instead of safe-mode. Custoumers often want safe-mode off because their scripts don't allow safe-mode.

Can anybody help me ?

Thanks in anticipation

 

[nobaloney]

The alternative is that your clients write scripts that work with safe_mode on.

If you allow clients to use safe_mode off, then you need to make sure none of the other sites on your server can be hacked by a rogue php script (I've written about this previously on these forums).

At least then only their site can be hacked.

Jeff

 

[cwfie]

Isn't there a good firewall that can be anternative instead of safe mode? Iptables maybe? Do you also use safe mode on?

Thanks

 

[nobaloney]

A firewall limits access to the system; safe_mode limits what you can do with PHP after you've passed the firewall.

Since everything PHP does is done locally inside your server there's nothing a firewall can do to help you overcome PHP issues.

Jeff