PHP Safe_mode is restricted after it is enabled. how can this problem be solved?
Source: Internet
Author: User
PHP Safe_mode is restricted. safe_mode & nbsp; which of the following are restricted after opening ., & nbsp; If & nbsp; PHP & nbsp; has enabled save & nbsp; model, system () & nbsp; and other program execution functions will refuse to start programs not in this directory. Which of the following are restricted after PHP Safe_mode is enabled.
Which of the following are restricted when Safe_mode is enabled.
------ Solution --------------------
If you open the save model, system (), and other programs in PHP, the execution of functions will refuse to start programs not in this directory. Must use/as the directory separator, including safe_mode_allowed_env_varsstring in Windows
Functions restricted or blocked by security mode
Function name restrictions
Dbmopen () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Dbase_open () check whether the operated file or directory has the same UID (owner) as the executed script ).
Filepro () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Filepro_rowcount () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Filepro_retrieve () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Ifx _ * SQL _safe_mode limit ,(! = Safe mode)
Ingres _ * SQL _safe_mode limit ,(! = Safe mode)
Mysql _ * SQL _safe_mode limit ,(! = Safe mode)
Pg_loimport () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Posix_mkfifo () check whether the operated directory has the same UID (owner) as the executed script ).
Putenv () follows the safe_mode_protected_env_vars and safe_mode_allowed_env_vars options set by ini. See the putenv () function documentation.
Move_uploaded_file () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Chdir () checks whether the operated directory has the same UID (owner) as the executed script ).
Dl () When PHP runs in safe mode, this function cannot be used.
Backtick operator this function is not available when PHP runs in safe mode.
Shell_exec () (with the same function as the backticks function) is not available when PHP runs in safe mode.
Exec () can only be executed in the directory set by safe_mode_exec_dir. For some reason, it cannot be used in the path of the executable object... Escapeshellcmd () will be applied to the parameters of this function.
System () can only be executed in the directory set by safe_mode_exec_dir. For some reason, it cannot be used in the path of the executable object... Escapeshellcmd () will be applied to the parameters of this function.
Passthru () can only be executed in the directory set by safe_mode_exec_dir. For some reason, it cannot be used in the path of the executable object... Escapeshellcmd () will be applied to the parameters of this function.
Popen () can only be executed in the directory set by safe_mode_exec_dir. For some reason, it cannot be used in the path of the executable object... Escapeshellcmd () will be applied to the parameters of this function.
Fopen () checks whether the operated directory has the same UID (owner) as the executed script ).
Mkdir () check whether the operated directory has the same UID (owner) as the executed script ).
Rmdir () check whether the operated directory has the same UID (owner) as the executed script ).
Rename () checks whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ).
Unlink () checks whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ).
Copy () check whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ). (On source and target)
Chgrp () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Chown () checks whether the operated file or directory has the same UID (owner) as the executed script ).
Chmod () checks whether the operated file or directory has the same UID (owner) as the executed script ). In addition, SUID, SGID, and sticky bits cannot be set.
Touch () checks whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ).
Symlink () checks whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ). (Note: Only test target)
Link () checks whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ). (Note: Only test target)
Apache_request_headers () in safe mode, headers starting with "authorization" (case sensitive) are not returned.
Header () in safe mode, if WWW-Authenticate is set, the uid of the current script will be added to the realm part of the header.
In safe mode, PHP_AUTH_USER, PHP_AUTH_PW, and PHP_AUTH_TYPE are not available in $ _ SERVER. However, you can still use REMOTE_USER to obtain the USER name ). (Note: it is valid only after PHP 4.3.0)
Highlight_file (), show_source () check whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ). (Note: it is only valid after version 4.2.1)
Parse_ini_file () check whether the operated file or directory has the same UID (owner) as the executed script ). Check whether the operated directory has the same UID (owner) as the executed script ). (Note: it is only valid after version 4.2.1)
Set_time_limit () does not work in safe mode.
Max_execution_time does not work in safe mode.
In secure mode, the fifth parameter is blocked. (Note: only affected since PHP 4.2.3)
------ Solution --------------------
Safe_mode is the unique PHP_INI_SYSTEM attribute and must be set through php. ini or httpd. conf. To enable safe_mode, modify php. ini: safe_mode = On or httpd. conf to define the directory:
Options FollowSymLinks php_admin_value safe_mode 1
After apache is restarted, the safe_mode takes effect. When safe_mode is started, many PHP functions are restricted, especially system-related functions such as file opening and command execution.
Functions of all operation files can only operate files with the same UID as the script.
Although safe_mode is not omnipotent (earlier versions of PHP can bypass), it is strongly recommended to enable the security mode to avoid unknown attacks to some extent. However, enabling safe_mode has many restrictions, which may affect the application. Therefore, you must adjust the code and configuration to ensure harmony. For functions restricted or blocked by the security mode, refer to the PHP Manual.
------ Solution --------------------
First and third floors
------ Solution --------------------
As long as you do not try to write files, there is no difference
If you allow the use of programs to write files, then what mode is meaningless
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
