> No new features are being accepted into the 4.3.X tree, only bug fixes. > The patch itself seems to duplicate the open_basedir functionality anyway. > > Ilia
Its not really duplicating anyting in open_basedir. As a metter of fact it is meant to be used together with open_basedir for best results. ISP and people doin mass hosting would mainly benefit from that patch. For example if I had all my domains hosted in /home then setting /home in open_basedir will not let customers get out of /home, but they would still be able to read each others documents. php scripts in /home/domain1.com could still read files located in /home/domain2.com , so in other words setting open_basedir = /home wont prevent users locate inside /home from snooping on each others data. thats the main reason why I wrote that patch. As for "No new features are being accepted into the 4.3.X tree" I can create a patch for testing for any other php tree if needed. Cheers, Boulat. > > On March 19, 2004 12:48 pm, [EMAIL PROTECTED] wrote: >> Hi internals, >> >> I added "virtual_root_level" new security related directive >> into php-4.3.4. >> >> Full description with the patch can be found in here >> >> http://www.boulat.net/projects/virtual_root_level/ >> >> Some feedback/comments would be appreciated. >> >> Regards, >> Boulat > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > Delete & Prev | Delete & Next Move to: INBOX INBOX.Drafts INBOX.Sent INBOX.Trash INBOX.infected -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
