php
No more PHP Safe
Mode
I didn't ever pay much attention to php safe mode. I think the reason is that I have always maintained my own server and don't have the problems with developers potentially running each others' scripts.
At any rate, I've been working at an Internet shop with a great setup; however, Safe Mode has been a serious thorn in my side. I'm used to using vim on the server to edit my files. That's great in an environment where wide usage of
chmod 2775
on the development groups' folders is in use.
Using a 2 in the sticky-bit position forces all files written into the folder to have group ownership the sames as the group that owns the folder. Obviously, this is in a controlled environment where all the developers are working together.
Unfortunately, on shared hosting, safe mode appears to be the easy-way-out for creating a permission-tight linux environment. What it ultimately ends up doing is preventing me from creating files when I am not the owner of the folder). This requires me to log in as any user that needs to create a file. Whew. Talk about identity crisis!
Ah, but according to PHP and IBM (search the page for "safe_mode"), as of PHP6, there will be no more safe mode with which to annoy developers :)
Still, some research will have to be done to secure shared-hosting environments that depend on safe mode. Odds are, Linux permissions and ownerships have the power to do it without the safe mode misnomer.
Last Updated: 2008-08-30 10:30:25