Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:22581
Return-Path: <rasmus@lerdorf.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 84380 invoked by uid 1010); 25 Mar 2006 17:03:47 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 84365 invoked from network); 25 Mar 2006 17:03:47 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 25 Mar 2006 17:03:47 -0000
X-Host-Fingerprint: 204.11.219.139 lerdorf.com Linux 2.5 (sometimes 2.4) (4)
Received: from ([204.11.219.139:33105] helo=lerdorf.com)
	by pb1.pair.com (ecelerity 2.0 beta r(6323M)) with SMTP
	id 88/6A-11806-3F775244 for <internals@lists.php.net>; Sat, 25 Mar 2006 12:03:47 -0500
Received: from [192.168.200.106] (c-24-6-5-134.hsd1.ca.comcast.net [24.6.5.134])
	(authenticated bits=0)
	by lerdorf.com (8.13.6/8.13.6/Debian-1) with ESMTP id k2PH3hSg004851
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Sat, 25 Mar 2006 09:03:43 -0800
Message-ID: <442577EF.2000908@lerdorf.com>
Date: Sat, 25 Mar 2006 09:03:43 -0800
User-Agent: Thunderbird 3.0a1 (Macintosh/20060320)
MIME-Version: 1.0
To: Ilia Alshanetsky <ilia@prohost.org>
CC: Sara Golemon <pollita@php.net>, internals@lists.php.net
References: <000a01c64fbc$cef29c50$88051fac@OHRLVN4523SG> <44257520.6070304@prohost.org> <4425761D.4020300@lerdorf.com> <44257764.4060406@prohost.org>
In-Reply-To: <44257764.4060406@prohost.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] open_basedir_for_include
From: rasmus@lerdorf.com (Rasmus Lerdorf)

Ilia Alshanetsky wrote:
> Rasmus Lerdorf wrote:
>> But it does prevent writing to those dirs.
> 
> That should be the job of file permissions, let's use PEAR directory as 
> an example. In normal circumstances only the root user can write to 
> those dirs and everyone else has read-only access, therefor write 
> permission would already be denied to those users.

Yes, and in normal circumstances you wouldn't accidentally write to 
places you aren't supposed to, just like in normal circumstances you 
will have all your file permissions set correctly.  And in normal 
circumstances you would never have bugs in your code.

-Rasmus