[Chameleon] Chameleon and php safe mode

William Bronsema wbronsema at dmsolutions.ca
Fri Dec 17 07:23:10 EST 2004

Hi Bart,

One of the first hurdles to overcome is the need to dynamically load 
extensions.  Use of the dl() function is not allowed in safe mode.  All 
modules that are required by Chameleon would need to be loaded via the 
php.ini file.

Another issue concerns file ownership.  When safe_mode is on, PHP checks 
to see if the owner of the current script matches the owner of the file 
to be operated on by a file function or its directory.  This might 
possibly be gotten around by setting safe_mode_gid to 'On' and possibly 
setting safe_mode_include_dir values, but you would have to check.

Something else to note is if PHP is used in safe mode, functions 
executing system programs will not start programs that are not in the 
safe_mode_exec_dir directory.  exec() is one function that I know of 
that is used by the WMSBrowser widget and would need to be looked at 
inorder to see which directory it is working on.

These are just some of the issues I can think of off the top that could 
cause Chameleon not to run in safe mode.  This is perhaps a topic that 
needs some discussion.


bartvde at xs4all.nl wrote:
> Hi list,
> does anybody have an idea why Chameleon does not run in php safe mode?
> safe_mode=On in php.ini
> What would be involved in enabling Chameleon to run in safe mode? Or is
> this "theoretically" impossible?
> Best regards,
> Bart
> _______________________________________________
> Chameleon mailing list
> Chameleon at lists.maptools.org
> http://lists.maptools.org/mailman/listinfo/chameleon


William A. Bronsema, C.E.T.
Software & Applications Development,
DM Solutions Group Inc.

e-mail: wbronsema at dmsolutions.ca
Web   : http://www.dmsolutions.ca
Phone : (613) 565-5056 ext.25
Fax   : (613) 565-0925

More information about the Chameleon mailing list