Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:8624 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 14109 invoked by uid 1010); 19 Mar 2004 21:09:23 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 14085 invoked from network); 19 Mar 2004 21:09:23 -0000 Received: from unknown (HELO asuka.nerv) (24.100.195.79) by pb1.pair.com with SMTP; 19 Mar 2004 21:09:23 -0000 Received: (qmail 20927 invoked from network); 19 Mar 2004 21:09:22 -0000 Received: from rei.nerv (HELO dummy.com) (rei@192.168.1.1) by asuka.nerv with SMTP; 19 Mar 2004 21:09:22 -0000 Reply-To: ilia@prohost.org Organization: Prohost.org To: Rasmus Lerdorf , internals@lists.php.net, boulat@funio.com Date: Fri, 19 Mar 2004 16:09:28 -0500 User-Agent: KMail/1.6.1 References: <61700.66.158.132.127.1079718509.squirrel@www.funio.com> <200403191602.17011.ilia@prohost.org> In-Reply-To: MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-ID: <200403191609.28127.ilia@prohost.org> Subject: Re: [PHP-DEV] new security related directive for php-4.3.4 From: ilia@prohost.org (Ilia Alshanetsky) On March 19, 2004 04:05 pm, you wrote: > If you are using open_basedir at all, you have already given up all hope > of any sort of performance. Certainly, but this would make the existing situation much worse then it already is. Ideally fastcgi or ap2 should be used where it is possible to make the web server processes run under the user's account hence avoiding the needed for open_basedir, safe_mode, etc... all together. Ilia