[TriLUG] PHP, Safe Mode, & PEAR
Scott Lundgren
trilug at capitalfellow.com
Wed Jul 13 16:41:34 EDT 2005
Hey guys
I've been beating my head against a config issues in php.ini (PHP
5.0.4) and maybe someone can help with what I'm not doing.
In my php.ini I've enabled:
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /usr/local/php/lib/php
error_reporting = E_ALL
log_errors = On
error_log = /export/home/wsadmin/logs/php_error.log
include_path = "/usr/local/php/lib/php:."
From the documentation (http://us2.php.net/features.safe-mode)
safe_mode_include_dir:
UID/GID checks are bypassed when including files from this directory
and its subdirectories (directory must also be in include_path or full
path must including).
The restriction specified is actually a prefix, not a directory name.
This means that "safe_mode_include_dir = /dir/incl" also allows access
to "/dir/include" and "/dir/incls" if they exist. When you want to
restrict access to only the specified directory, end with a slash.
Since my setting for safe_mode_include_dir doesn't end in a /, I
thought because the path in safe_mode_include_dir would match against
what's in include_path meaning all the subdirectories (ie: individual
PEAR packages) of my include_path would be excluded from the checks.
But I'm finding that's not the case when a simple test script calls the
PEAR component Form (located at /usr/local/php/lib/php/HTML/Form.php) i
have the following errors:
[13-Jul-2005 16:26:22] PHP Warning: main() [<a
href='function.main'>function.main</a>]: SAFE MODE Restriction in
effect. The script whose uid/gid is 107/10 is not allowed to access
/usr/local/php/lib/php/HTML/Form.php owned by uid/gid 0/1 in
/export/home/selundgr/public_html/formtest.php on line 2
[13-Jul-2005 16:26:22] PHP Warning: main(HTML/Form.php) [<a
href='function.main'>function.main</a>]: failed to open stream: No such
file or directory in /export/home/selundgr/public_html/formtest.php on
line 2
[13-Jul-2005 16:26:22] PHP Fatal error: main() [<a
href='function.require'>function.require</a>]: Failed opening required
'HTML/Form.php' (include_path='/usr/local/php/lib/php:.') in
/export/home/selundgr/public_html/formtest.php on line 2
thanks,
SL
More information about the TriLUG
mailing list