php safe mode and squirrelmail
Jay Daniels
drs at pointyhats.com
Thu May 6 03:13:55 UTC 2004
Do not use external authentication like ldap.
jay
On Thu, May 06, 2004 at 10:18:52AM +1000, Norman Gaywood wrote:
> We have an FC1 system used by many people for many purposes. I would like
> to stop my php users from stealing passwords using the php environment
> var $_SERVER['PHP_AUTH_PW']
>
> One way to do this seems to be to enable php's safe mode. The problem
> with that is that it breaks squirrelmail. AFAICT, squirrelmail breaks
> not because it uses $_SERVER['PHP_AUTH_PW'], but for other reasons caused
> by safe mode.
>
> So the question is, does anyone know how to enable php safe mode and
> keep squirrel mail working?
>
> Or, does anyone know how to disable $_SERVER['PHP_AUTH_PW'] in php
> without enabling the full php safe mode.
More information about the users
mailing list