[pmwiki-users] Folderized wiki.d won't allow new group creation!

Patrick R. Michaud pmichaud at pobox.com
Sat Feb 3 23:22:48 CST 2007


On Sat, Feb 03, 2007 at 04:42:55PM -1000, Sivakatirswami wrote:
> How can I check? I put {$safe_mode} on a page but it  returns
> nothing...

To find out if you're in safe_mode, set $EnableDiag = 1; in 
local/config.php, and then run the wiki with ?action=phpinfo .
You can then scroll down to the "safe_mode" entry and see if it's
"On" or "Off".

> I went to php.com and  studied out safe_mode... i guess I will need to
> find the config file to set this to 0...
> 
> how "unsafe" is this? We are the *only* client on this box.

I've often thought that "safe_mode" is really misleading to
administrators.  As far as I'm concerned, all that it does is
to complicate things while not actually providing any real
protection in terms of web server safety.  I often make the 
analogy that PHP's safe_mode is like putting bars on the 
windows but forgetting to put locks on the doors.  (For 
example, some web-hosting providers restrict PHP scripts to
run in safe_mode, but then they also allow their clients to
run Perl cgi-bin scripts.  Weird.)

If you're the only client on the box, safe_mode is really no
help at all.  What safe_mode is designed to do is to prevent
PHP scripts written by other people on the same server from
getting any sort of access to other people's scripts or
directories.

Pm



More information about the pmwiki-users mailing list