[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

php safe mode and squirrelmail



We have an FC1 system used by many people for many purposes. I would like
to stop my php users from stealing passwords using the php environment
var $_SERVER['PHP_AUTH_PW']

One way to do this seems to be to enable php's safe mode.  The problem
with that is that it breaks squirrelmail. AFAICT, squirrelmail breaks
not because it uses $_SERVER['PHP_AUTH_PW'], but for other reasons caused
by safe mode.

So the question is, does anyone know how to enable php safe mode and
keep squirrel mail working?

Or, does anyone know how to disable $_SERVER['PHP_AUTH_PW'] in php
without enabling the full php safe mode.

-- 
Norman Gaywood, Systems Administrator
School of Mathematics, Statistics and Computer Science
University of New England, Armidale, NSW 2351, Australia

norm turing une edu au            Phone: +61 (0)2 6773 2412
http://turing.une.edu.au/~norm    Fax:   +61 (0)2 6773 3312

Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]