We have been unable to secure our Windows 2000/IIS5 server from allowing people to open any file on our server that they want to if they know the path. The safe_mode doesn't really work on Windows. But I was told to use the open_basedir option in our php.ini. I added this option and it had no effect on the ability for people to open files anywhere on the server. I tried numerous formats for the option, for example open_basedir = c:\inetpub\wwwroot open_basedir = "c:\inetpub\wwwroot" open_basedir = . and on and on, with quotes, without quotes, forward slashes, backslashes, even without the drive letter more like a unix path and nothing seemed to work. Has anyone actually got this to work? If so, I would be very interested to know what format you used for the option in the php.ini file. Or however else you managed to get this to work. Thanks, Erick -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
