[pmwiki-users] Safe Mode Solution (Revisited)
Patrick R. Michaud
pmichaud at pobox.com
Sat Feb 12 10:30:24 CST 2005
On Fri, Feb 11, 2005 at 10:00:09PM -0700, H. Fox wrote:
>
> Recently Patrick R. Michaud <pmichaud at pobox.com> wrote:
> >The *only* way for things to work in safe_mode is to manually create
> >the needed directories and set their permissions to 777, as outlined
> >at the beginning of this section.
>
> Actually there's another, IMHO "more secure", way for things to work in
> safe_mode.
> Briefly, the safe_mode problem is caused by a "UID compare check", which
> can be relaxed to a "GID compare check" by setting
> safe_mode_gid = On
> in the PHP configuration file (php.ini) and restarting the web server.
I totally agree -- however, I'd say that the majority of wiki
administrators don't have the ability/permissions to change any of the
settings in php.ini, which is why I haven't highlighted this
particular approach. But it is useful to include in the documentation
somewhere -- I'll fold it into the description I wrote a couple of days
ago.
> In my testing (on Mandrake and Debian), turning on safe_mode_gid has
> completely solved the server-can't-read-files-it-created problem, which
> means no world-writable directories or wiki pages are necessary.
> I posted a note about this to the list and added to a page on pmwiki.org
> last April. The page seems to have disappeared along with the v1 wiki.
Actually, PmWiki 1 had several problems with getting file permissions
set correctly, while PmWiki 2 is much more robust in this respect, and
even handles those situations where files have been copied from
another server (and have the wrong permissions).
Pm
More information about the pmwiki-users
mailing list