lecture6 - CPSC431Lecture6 Safe_Mode Use of all...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
CPSC431 Lecture 6
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Safe_Mode Use of all input/output functions (fopen(), file(), and require(), for example) is restricted to only files that have the same owner as the script that is calling these functions. Attempts by a user to create a new file will be restricted to creating the file in a directory owned by the user. Attempts to execute scripts via functions like popen(), system(), or exec() are only possible when the script resides in the directory specified by the safe_mode_exec_dir configuration directive. HTTP authentication is further strengthened because the UID of the owner of the authentication script is prepended to the authentication realm. If using the MySQL database server, the username used to connect to a MySQL server must be the same as the username of the owner of the file calling mysql_connect().
Background image of page 2
safe_mode_gid safe_mode_include_dir safe_mode_allowed_env_vars safe_mode_protected_env_vars safe_mode_exec_dir disable_functions = fopen,popen,file disable_classes = "administrator, janitor“ doc_root (string)
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/20/2009 for the course CPSC CPSC431 taught by Professor Prf.wang during the Spring '09 term at CSU Fullerton.

Page1 / 13

lecture6 - CPSC431Lecture6 Safe_Mode Use of all...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online