📄 features.safe-mode.html
字号:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html> <head> <title>Safe Mode</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> </head> <body><div style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="features.persistent-connections.html">Persistent Database Connections</a></div> <div class="next" style="text-align: right; float: right;"><a href="features.safe-mode.functions.html">Functions restricted/disabled by safe mode</a></div> <div class="up"><a href="features.html">Features</a></div> <div class="home"><a href="index.html">PHP Manual</a></div></div><hr /><div> <h1>Safe Mode</h1><h2>Table of Contents</h2><ul class="chunklist chunklist_chapter"><li><a href="features.safe-mode.functions.html">Functions restricted/disabled by safe mode</a></li></ul> <p class="para"> The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren't very realistic, many people, especially ISP's, use safe mode for now. </p> <div class="warning"><b class="warning">Warning</b> <p class="para"> Safe Mode was removed in PHP 6.0.0. </p> </div> <div id="ini.sect.safe-mode" class="sect1"> <h2 class="title">Security and Safe Mode</h2> <p class="para"> <table border="5"> <caption><b>Security and Safe Mode Configuration Directives</b></caption> <colgroup> <thead valign="middle"> <tr valign="middle"> <th colspan="1">Name</th> <th colspan="1">Default</th> <th colspan="1">Changeable</th> <th colspan="1">Changelog</th> </tr> </thead> <tbody valign="middle" class="tbody"> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">safe_mode</td> <td colspan="1" rowspan="1" align="left">"0"</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM</td> <td colspan="1" rowspan="1" align="left">Removed in PHP 6.0.0.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">safe_mode_gid</td> <td colspan="1" rowspan="1" align="left">"0"</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM</td> <td colspan="1" rowspan="1" align="left">Available since PHP 4.1.0. Removed in PHP 6.0.0.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">safe_mode_include_dir</td> <td colspan="1" rowspan="1" align="left">NULL</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM</td> <td colspan="1" rowspan="1" align="left">Available since PHP 4.1.0. Removed in PHP 6.0.0.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">safe_mode_exec_dir</td> <td colspan="1" rowspan="1" align="left">""</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM</td> <td colspan="1" rowspan="1" align="left">Removed in PHP 6.0.0.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">safe_mode_allowed_env_vars</td> <td colspan="1" rowspan="1" align="left">"PHP_"</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM</td> <td colspan="1" rowspan="1" align="left">Removed in PHP 6.0.0.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">safe_mode_protected_env_vars</td> <td colspan="1" rowspan="1" align="left">"LD_LIBRARY_PATH"</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM</td> <td colspan="1" rowspan="1" align="left">Removed in PHP 6.0.0.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">open_basedir</td> <td colspan="1" rowspan="1" align="left">NULL</td> <td colspan="1" rowspan="1" align="left">PHP_INI_ALL</td> <td colspan="1" rowspan="1" align="left">PHP_INI_SYSTEM in PHP < 6.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">disable_functions</td> <td colspan="1" rowspan="1" align="left">""</td> <td colspan="1" rowspan="1" align="left"><var class="filename">php.ini</var> only</td> <td colspan="1" rowspan="1" align="left">Available since PHP 4.0.1.</td> </tr> <tr valign="middle"> <td colspan="1" rowspan="1" align="left">disable_classes</td> <td colspan="1" rowspan="1" align="left">""</td> <td colspan="1" rowspan="1" align="left"><var class="filename">php.ini</var> only</td> <td colspan="1" rowspan="1" align="left">Available since PHP 4.3.2.</td> </tr> </tbody> </colgroup> </table> For further details and definitions of the PHP_INI_* constants, see the <a href="ini.html" class="xref">php.ini directives</a>. </p> <p class="para">Here's a short explanation ofthe configuration directives.</p> <p class="para"> <dl> <dt id="ini.safe-mode"> <span class="term"> <i><tt class="parameter">safe_mode</tt></i> <a href="language.types.boolean.html" class="type boolean">boolean</a> </span> <dd> <p class="para"> Whether to enable PHP's safe mode. </p> </dd> </dt> <dt id="ini.safe-mode-gid"> <span class="term"> <i><tt class="parameter">safe_mode_gid</tt></i> <a href="language.types.boolean.html" class="type boolean">boolean</a> </span> <dd> <p class="para"> By default, Safe Mode does a UID compare check when opening files. If you want to relax this to a GID compare, then turn on safe_mode_gid. Whether to use <i>UID</i> (<b><tt>FALSE</tt></b>) or <i>GID</i> (<b><tt>TRUE</tt></b>) checking upon file access. </p> </dd> </dt> <dt id="ini.safe-mode-include-dir"> <span class="term"> <i><tt class="parameter">safe_mode_include_dir</tt></i> <a href="language.types.string.html" class="type string">string</a> </span> <dd> <p class="para"> <i>UID</i>/<i>GID</i> checks are bypassed when including files from this directory and its subdirectories (directory must also be in <a href="ini.core.html#ini.include-path" class="link">include_path</a> or full path must including). </p> <span class="simpara"> As of PHP 4.2.0, this directive can take a colon (semi-colon on Windows) separated path in a fashion similar to the <a href="ini.core.html#ini.include-path" class="link">include_path</a> directive, rather than just a single directory. </span> <span class="simpara"> The restriction specified is actually a prefix, not a directory name. This means that "safe_mode_include_dir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "safe_mode_include_dir = /dir/incl/" </span> <span class="simpara"> If the value of this directive is empty, no files with different <i>UID</i>/<i>GID</i> can be included in PHP 4.2.3 and as of PHP 4.3.3. In earlier versions, all files could be included. </span> </dd> </dt> <dt id="ini.safe-mode-exec-dir"> <span class="term"> <i><tt class="parameter">safe_mode_exec_dir</tt></i> <a href="language.types.string.html" class="type string">string</a> </span> <dd> <p class="para"> If PHP is used in safe mode, <a href="function.system.html" class="function">system()</a> and the other <a href="ref.exec.html" class="link">functions executing system programs</a> refuse to start programs that are not in this directory. You have to use <i>/</i> as directory separator on all environments including Windows. </p> </dd> </dt> <dt id="ini.safe-mode-allowed-env-vars"> <span class="term"> <i><tt class="parameter">safe_mode_allowed_env_vars</tt></i> <a href="language.types.string.html" class="type string">string</a> </span> <dd> <p class="para"> Setting certain environment variables may be a potential security breach. This directive contains a comma-delimited list of prefixes. In Safe Mode, the user may only alter environment variables whose names begin with the prefixes supplied here. By default, users will only be able to set environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). </p> <blockquote><p><b class="note">Note</b>: If this directive is empty, PHP will let the user modify ANY environment variable! <br /> </p></blockquote>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -