Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:33028
Return-Path: <mark@suso.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 93255 invoked by uid 1010); 5 Nov 2007 18:42:58 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 93240 invoked from network); 5 Nov 2007 18:42:58 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 5 Nov 2007 18:42:58 -0000
Authentication-Results: pb1.pair.com smtp.mail=mark@suso.org; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=mark@suso.org; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain suso.org designates 216.9.132.134 as permitted sender)
X-PHP-List-Original-Sender: mark@suso.org
X-Host-Fingerprint: 216.9.132.134 mail.suso.org Linux 2.5 (sometimes 2.4) (4)
Received: from [216.9.132.134] ([216.9.132.134:50139] helo=arvo.suso.org)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 97/55-63225-1346F274 for <internals@lists.php.net>; Mon, 05 Nov 2007 13:42:57 -0500
Received: by arvo.suso.org (Postfix, from userid 509)
	id EEE6C88105; Mon,  5 Nov 2007 18:41:58 +0000 (GMT)
Date: Mon, 5 Nov 2007 18:41:58 +0000
To: internals@lists.php.net
Message-ID: <20071105184158.GD12944@arvo.suso.org>
References: <20070826193146.GQ16782@arvo.suso.org> <46D1ED8A.2060302@zend.com> <20070827024804.GS16782@arvo.suso.org> <46D26834.9040001@lerdorf.com> <20071105171202.GA12944@arvo.suso.org> <cd5680a20711051035i3feee5fat2da7b6726906d547@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <cd5680a20711051035i3feee5fat2da7b6726906d547@mail.gmail.com>
User-Agent: Mutt/1.5.11
Subject: Re: [PHP-DEV] Safe mode being removed in PHP6?
From: mark@suso.org (Mark Krenz)

On Mon, Nov 05, 2007 at 06:35:50PM GMT, Alexey Zakhlestin [indeyets@gmail.com] said the following:
>
> That's how textdrive/joyent do this and they are more than happy with
> this approach.
> 

 Oh really?  Read the section on Joyent/Textdrive here:

  http://suso.suso.org/xulu/Web_hosting_providers_with_poor_security

 Now do you have confidence in their security practices?

 Suso is secure with the exception of some of the more obscure flaws in
safe mode. You can't read other people's files.   I try not to don't
rely on security by obscurity.  I want to be able to sleep at night.


-- 
Mark S. Krenz
IT Director
Suso Technology Services, Inc.
http://suso.org/