At what level should safemode be solved? How?
Question
The PHP safe mode is an attempt to solve the shared-server security problem. To quote from the PHP manual :
It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren't very realistic, many people, especially ISP's, use safe mode for now.
If the PHP safe mode is architecturally incorrect to try to solve this problem at the PHP level then at what level should this be solved? How?
Some people say you can secure your site without safe mode or with safe mode off but recording to some experienced hosts support guys. It's not possible to have full security with safe_mode_off even if you have alternative security tools, such as ModSecurity.
So, I'm not sure which is right? I'm now totally confused and trying to find a reliable and accurate solution for this case to run my sites with safe_mode_off servers or without it but couldn't.
1 answers
solution1
0 2013-05-04 15:02:42
The conclusion you draw from the PHP manual page is wrong. You didn't read/understood it fully: To introduce safemode was the faux-pas in the first place. There was nothing to solve and nothing was solved with it. It was just more some marketing, hence the name "Safe Mode", to target Shared-Hoster for PHP installments.
If you instead want to learn about resource management of the operating system you use, consult the technical documentation of it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.