[wp-hackers] Forum Post: cache issue
false.hopes at gmail.com
Thu Jan 19 01:39:13 GMT 2006
On 1/18/06, Ryan Boren <ryan at boren.nu> wrote:
> On Wed, 2006-01-18 at 19:30 -0500, David Chait wrote:
> > This is a dumb question: how many hosts have safe mode on? I would have
> > expected my plugins to fail left and right (given they too create cache
> > files...).
> > And, this would obviously also nuke things like WP-Cache, right?
> > Eeek.
> Yes, it can be painful unless there is some workaround that I don't know
> about. Given the griping on php.net and elsewhere, I don't think there
> is a workaround.
> Some hosts are asking whether they should turn safe_mode off. They want
> to know if it buys any real added security or if it just breaks things.
If you're ever asked this personally, or you feel like telling
someone, safe_mode just complicates things. If you want added
security, turn open_basedir on, and use the disabled_functions
directive in php.ini to disable all of the exec related functions so
that users can't run binaries, and you've pretty much locked down
tigher than safe_mode does.
safe_mode is scheduled for complete removal from PHP6.
More information about the wp-hackers