But where user "fred" can opendir() a directory owned by user "mary" (underneath the open_basedir), that action doesn't even pass a UID check if the UIDs are supposed to match in safe mode in order for the action to be allowed.
How would an optional GID check help? A. > > When in "safe mode" shouldn't PHP check to see if the directory that is > > about to be opened with a opendir() function has the same UID as the PHP > > script itself, and fail if the UIDs do not match? > > > From 4.1.0, optional GID check is available. > > Take a look at lastest implementation see if you still have issues. > > http://snaps.php.net/ > > -- > Yasuo Ohgaki > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
