Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:8627 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 99751 invoked by uid 1010); 19 Mar 2004 21:41:13 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 99718 invoked from network); 19 Mar 2004 21:41:13 -0000 Received: from unknown (HELO asuka.nerv) (24.100.195.79) by pb1.pair.com with SMTP; 19 Mar 2004 21:41:13 -0000 Received: (qmail 21174 invoked from network); 19 Mar 2004 21:41:13 -0000 Received: from rei.nerv (HELO dummy.com) (rei@192.168.1.1) by asuka.nerv with SMTP; 19 Mar 2004 21:41:13 -0000 Reply-To: ilia@prohost.org Organization: Prohost.org To: internals@lists.php.net, boulat@funio.com Date: Fri, 19 Mar 2004 16:41:18 -0500 User-Agent: KMail/1.6.1 References: <61700.66.158.132.127.1079718509.squirrel@www.funio.com> <200403191609.28127.ilia@prohost.org> <63849.66.158.132.127.1079731711.squirrel@www.funio.com> In-Reply-To: <63849.66.158.132.127.1079731711.squirrel@www.funio.com> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-ID: <200403191641.18788.ilia@prohost.org> Subject: Re: [PHP-DEV] new security related directive for php-4.3.4 From: ilia@prohost.org (Ilia Alshanetsky) On March 19, 2004 04:28 pm, boulat@funio.com wrote: > So then following your logic why not remove open_basedir,safe_mode,etc all > together from PHP, just to increase the performance? Because it would break BC. When these options were developed Apache 2 was not around and fastcgi support was flimsy at best. Using plain CGI (which MANY ISPs use) to run PHP is quite resource intensive. Popularity of PHP will not be affected by these features and the robustness would only take a step backwards. More over the 'security' you add is easily bypassed through a variety of means. The open_basedir, safe_mode are hacks that were added because webservers at the time didn't not have the ability to easily distinguish individual user accounts and adjust the process uid/gid accordingly. Adding more to these 'features' when real support is already avaliable seems highly counter productive IMO. Ilia