Security issues php & safemode
To prevent different users/sites reading eachother files we use the safe mode option that php offers..Sanity checks on ownership/groups of files and directory read and "chrooted" in their own virtual host environmnet. Beautifull...almost.
Cause if any php software used which creates directories like almost all forum software, the directory is created with ownership the webserver runs as, most cases www-data. And that definetly breaks with safemode, you can't read or write files to these directories due to the sanity checks...
I can't find a clean and decent solution, except to turn safe mode off for those sites running into these problems...something you definetly don't want.
I know these security issues will be solved when we upgrade to apache2.0, but that not possible yet.
I noticed some unofficial patches around the net, does anyone have a clean and neat secure solution to these security problems?
I would like to here some experience of other people how to handle this...
Frank
