
The PHP safe mode is an attempt to solve the shared-server security problem. To quote from the PHP manual:

It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren't very realistic, many people, especially ISP's, use safe mode for now.

If the PHP safe mode is architecturally incorrect to try to solve this problem at the PHP level then at what level should this be solved? How?

Some people say you can secure your site without safe mode or with safe mode off, but according to some experienced hosts' support guys, it's not possible to have full security with safe_mode off even if you have alternative security tools, such as ModSecurity.

So, I'm not sure which is right. I'm now totally confused and trying to find a reliable and accurate solution for this case, to run my sites on servers with safe_mode off or without it, but couldn't.

Ben
mr Me
  • If you'd like to answer this question, please visit this link http://stackoverflow.com/questions/16351713/at-what-level-should-safemode-in-php-be-solved-and-how because it has 1 answer and an edit which was re-asked because this question went unanswered. – mr Me May 04 '13 at 14:13
  • According to the linked manual the mode you're asking about has been removed as of the current version of PHP. Could you please tag your question with the version of PHP you are using and maybe explain _why_ you want to use this deprecated and removed feature in more depth? You also quote "Some people". Do you have any links that demonstrate the types of argument you're writing about? – Ben May 04 '13 at 14:32
  • I imagine if I ran a webhost website: Turning safe mode on would be a must. I would be more reliant on PHP's setting because they clearly know which commands might hurt your system. (Ex: file_get_contents, fsockopen) However, it's not to say it protects all commands. It highly depends on what you think 'secure your site' means. – Dave Chen May 04 '13 at 14:55

1 Answer


The conclusion you draw from the PHP manual page is wrong. You didn't read/understand it fully: introducing safe mode was the faux pas in the first place. There was nothing to solve and nothing was solved with it. It was just some more marketing, hence the name "Safe Mode", to target shared hosters for PHP installations.

If you instead want to learn about resource management of the operating system you use, consult the technical documentation of it.

hakre
  • Can you explain it more, please? I'm still not convinced because this looks like it differs from what is written here: The PHP Safe Mode imposes additional restrictions on scripts, and increases the security of multi-user hosting systems, http://www.acunetix.com/websitesecurity/php-security-4/ , http://www.acunetix.com/websitesecurity/php-security-5/ – mr Me May 04 '13 at 15:37
  • As written, don't get irritated. Do not believe that there is any increase "for security of multi-user hosting systems". That sentence was just given for marketing reasons and, as written, is the faux pas in the first place. As you can see there is not more to explain. – hakre May 04 '13 at 18:42
  • In PHP, safe mode is a security feature that was designed to prevent hackers from being able to use PHP scripts to execute commands at the operating system level (such as Linux shell commands). http://www.serverschool.com/dedicated-servers/what-is-php-safe-mode/ – mr Me May 05 '13 at 00:18
  • PHP safe_mode is very important in terms of server security because it restricts and disables the dangerous functions in PHP from scripts like PHP Shell that can otherwise cause damage to your server and client sites. http://www.webhostgear.com/166.html – mr Me May 05 '13 at 00:19
  • PHP safe_mode is very important in terms of server security because it restricts and disables the dangerous functions in PHP from scripts like PHP Shell that can otherwise cause damage to your server and client sites. http://www.crucialp.com/resources/tutorials/server-administration/customizing-php-safe-mode.php – mr Me May 05 '13 at 00:20
  • The additional security checks imposed by Safe Mode are, however, performed at the PHP level, "since the underlying web server and operating system security architecture is usually not sufficient to impose the necessary security restrictions for a multi-user environment", in which many users may be able to upload and execute PHP code. http://www.acunetix.com/websitesecurity/php-security-5/ – mr Me May 05 '13 at 00:21
  • Now. Explain to me why shouldn't I believe it? Also, I want to know if I can get a modified PHP 4.5 or later with PHP safe mode included or not? Thanks. – mr Me May 05 '13 at 00:23
  • Also, I want to know if it's possible to modify the underlying web server and operating system security architecture to make it sufficient (to impose the necessary security restrictions for a multi-user environment) or not? Thanks. – mr Me May 05 '13 at 01:04
  • You have found - merely by text search - resources that show the negative side of the wrong marketing that has been done. Those are good examples showing how the marketing idea behind safe mode has turned against the use of PHP itself, showing a second problem with the faux pas that has been made in the first place: hosters actually believed it, took over the marketing phrases without actually reviewing them. Those hosters' iterative security review processes obviously do not cover PHP well - if at all. They are more a sign that you should not host with these hosters than anything else. – hakre May 05 '13 at 07:47
  • I don't say you should not believe. I just say that the problem was to introduce safe mode in the first place; it tried to address a problem it could not address. Also you need to understand that PHP itself defined what safe mode is. That means there is no question whether you can get version XYZ with safe mode or not. You can get PHP version XYZ and then you can check if such a thing exists as a setting, if at all. If not, it must not mean that there is no safe mode of operation, and also if there is, it must not mean there is a safe mode of operation either. – hakre May 05 '13 at 07:54
  • Your question about the underlying web server: yes, it is possible. Albeit it requires a better understanding of what to deal with. E.g. see the critique Acunetix had formulated. – hakre May 05 '13 at 07:57
  • Please read this: In the PHP interpreter, prior to version 5.4, safe mode offers stricter security measures. http://en.wikipedia.org/wiki/Safe_mode – mr Me May 06 '13 at 11:49
  • And this: When you deploy PHP in a multiuser environment, such as that found on an ISP's shared server, you might want to limit its functionality. As you might imagine, offering all users full rein over all PHP's functions could open up the possibility for exploiting or damaging server resources and files. As a safeguard for using PHP on shared servers, PHP can be run in a restricted, or safe, mode. – mr Me May 06 '13 at 11:50
  • Enabling safe mode will disable quite a few functions and various features deemed to be potentially insecure and thus possibly damaging if they are misused within a local script. A small sampling of these disabled functions and features includes parse_ini_file(), chmod(), chown(), chgrp(), exec(), system(), and backtick operators. – mr Me May 06 '13 at 11:50
  • Enabling safe mode also ensures that the owner of the executing script matches the owner of any file or directory targeted by that script. However, this latter restriction in particular can have unexpected and inconvenient effects because files can often be uploaded and otherwise generated by other user IDs. – mr Me May 06 '13 at 11:52
  • Enabling the safe_mode directive results in PHP being run under the aforementioned constraints. http://www.tutorialsscripts.com/php-ini-tutorials/php-ini-safe-mode.php – mr Me May 06 '13 at 11:53
  • NOW. That's why I asked to provide a modified version of PHP with the safe mode feature, as they provided a modified version of PHP without safe mode. – mr Me May 06 '13 at 11:54
  • Uhm, what was the *reason* again? That you want a feature back which has let people down security-wise? Which fooled an entire generation of blog writers? – hakre May 06 '13 at 14:26
  • If you don't like this suggestion then what do you suggest? – mr Me May 08 '13 at 14:51
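As an added illustration, not part of the question, the answer, or PHP's own documentation, of what "solving it at the web server and OS level" looks like in practice: a PHP-FPM pool that runs one site under its own Unix account, so the kernel rather than PHP enforces the boundary between tenants, and that uses open_basedir and disable_functions for the two things the comments above credit safe mode with (the owner check and the function blacklist). The pool name, account names, socket path and directories are placeholders to adjust per host; the directive names are standard PHP-FPM and php.ini settings.

```ini
; Assumed location: one file per tenant under the FPM pool directory,
; e.g. /etc/php/<version>/fpm/pool.d/site-alice.conf (path is an assumption).
[site-alice]

; One dedicated, unprivileged account per site. File ownership and
; permissions, not a PHP flag, now decide what this site can touch.
user = site-alice
group = site-alice

; Private socket for this pool; only the web server's account may connect.
listen = /run/php/site-alice.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660

; Bounded process count so one tenant cannot starve the others.
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 10s

; Stand-in for safe mode's owner check: scripts may only open paths inside
; these prefixes (note the trailing slashes), even if the Unix permissions
; would allow more. Temp and session files are kept per tenant as well.
php_admin_value[open_basedir] = /srv/www/site-alice/:/tmp/site-alice/
php_admin_value[upload_tmp_dir] = /tmp/site-alice
php_admin_value[session.save_path] = /tmp/site-alice/sessions
php_admin_value[sys_temp_dir] = /tmp/site-alice

; Stand-in for safe mode's function blacklist: the functions named in the
; comments above plus the remaining ways to reach the OS. Disabling
; shell_exec also disables the backtick operator. php_admin_* values
; cannot be overridden by the script or by .user.ini.
php_admin_value[disable_functions] = exec,system,shell_exec,passthru,proc_open,popen,pcntl_exec,parse_ini_file,chmod,chown,chgrp
php_admin_flag[allow_url_fopen] = off
php_admin_flag[allow_url_include] = off
```

The directory /srv/www/site-alice is assumed to be owned by site-alice with group read for www-data where the web server must serve static files directly. A second tenant gets a second pool file with its own account, socket and paths; a compromise of one site then yields a process with that account's permissions and nothing more, which is the isolation safe mode tried, and failed, to emulate inside the interpreter.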