Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:33023
Return-Path: <judas.iscariote@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 65761 invoked by uid 1010); 5 Nov 2007 17:28:18 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 65746 invoked from network); 5 Nov 2007 17:28:18 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 5 Nov 2007 17:28:18 -0000
Authentication-Results: pb1.pair.com header.from=judas.iscariote@gmail.com; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com smtp.mail=judas.iscariote@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 64.233.170.191 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: judas.iscariote@gmail.com
X-Host-Fingerprint: 64.233.170.191 rn-out-0910.google.com Linux 2.4/2.6
Received: from [64.233.170.191] ([64.233.170.191:10276] helo=rn-out-0102.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 64/40-63225-1B25F274 for <internals@lists.php.net>; Mon, 05 Nov 2007 12:28:17 -0500
Received: by rn-out-0102.google.com with SMTP id e11so512726rng
        for <internals@lists.php.net>; Mon, 05 Nov 2007 09:28:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        bh=C1iEwqvJObKFyX0rOwISvvQ9BOS5d3zFSXma5a7skc0=;
        b=N4znn9ckUMuIRY9YSiPKVrSrgKI5U1ZiRg8AQ+CcVWG72sGpRepDV5Qpa5W0UdS72q7yHddk2K7QS4bNrimuwnofl10LTm8RXySPpZNTQwDnJDwhxNtQyK4BYuS+xFPGPAAF7EK+jBNzQq3p2FPb8SHFucc+k6l8SnUChak8og0=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=LNvZE39ewdUatr3e0Q1UVp9OeE1mPCRHJRutrkNmsqpJHIJB92tSsiWSII1CvJXBbal+v2QcQK8bABUsOnx5FUbKkYzQ0f00VWi6lMDoKMPskYizqhVc+39B5T24DYFEg2eF7OBcb7oG+ZyrBHuIhEjhqWoIi4N2KLUcrvekRIo=
Received: by 10.142.103.6 with SMTP id a6mr1114769wfc.1194283687812;
        Mon, 05 Nov 2007 09:28:07 -0800 (PST)
Received: by 10.142.112.9 with HTTP; Mon, 5 Nov 2007 09:28:07 -0800 (PST)
Message-ID: <7d5a202f0711050928y368b1f88i41ee82f4ed3f565a@mail.gmail.com>
Date: Mon, 5 Nov 2007 14:28:07 -0300
To: internals@lists.php.net
In-Reply-To: <20071105171202.GA12944@arvo.suso.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <20070826193146.GQ16782@arvo.suso.org> <46D1ED8A.2060302@zend.com>
	 <20070827024804.GS16782@arvo.suso.org> <46D26834.9040001@lerdorf.com>
	 <20071105171202.GA12944@arvo.suso.org>
Subject: Re: [PHP-DEV] Safe mode being removed in PHP6?
From: judas.iscariote@gmail.com ("Cristian Rodriguez")

2007/11/5, Mark Krenz <mark@suso.org>:

>   Unless there is some other way in PHP of restricting where you can run
> programs from (can't find any),

Why PHP needs to do that ? isnt that part of OS level security ?

>this is going to become a major problem.

This is going to **solve** a major problem, this change will eliminate
the false sense of security that safe_mode provides and will tell
people to start securing their stuff better.

safe_mode does not really resist any analysis, whoever convinced you
that it is a good thing does not have a clue.



-- 
http://www.kissofjudas.net/