> Relative newbie here, and I am just coming to grips with something that I > think is a very bad thing... Please tell me I am wrong. > > When using PHP, it is the Apache user that actually performs things, and > therefore needs permissions. For example, if I want to write data to a file, > I have to chmod o+w the directory it's in to get that to happen. > > The trouble with this, is a shared environment, doesn't this give anyone who > can use PHP on your system the ability to write over any other user's file > if they know the name of it? Am I missing something fundamental here? > > Any help would be appreciated! > > Bill
Yep, that's the problem. Running in safe_mode will protect some of those things, along with other settings like include_path, etc. Best protection is to get a dedicated server, though, so you're the only one on it. They really aren't that expensive anymore. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
