Hi James Thanks for you comments, its a fair call. All I could add at this stage is that you have to login to Pyrite to be able to do any editing of the php.ini files and you can configure Pyrite to only work via Locahost and not remote connections. It is also true that you do need write permissions to the php.ini file and I would hope that Apache is setup to use a non-root account but with privileges to write to the php.inifile. I could deff use an extra pair of eyes over the code to make sure the app is as secure as humanly possible... interested? Best Zac On 11/3/05, James Benson <jb@xxxxxxxxxxxxxxxxx> wrote: > > It should be fine for windows but how are you gonna save the php.ini on > any linux box that typically (when setup correctly) requires root access > to save the file, your opening up a security hole with something like > that unless you tackle this issue some other way! > > > James > > > > > Zac Barton wrote: > > Hi list > > > > I have been working on a free web based app that lets you update the > > php.inifrom your browser very much like Coldfusion has. > > > > You can find a demo off the app at > > http://pyrite.zacbarton.com<http://217.150.107.157/pyrite>and im > > looking to see if anyone thinks this might be useful or share any > > ideas/comments > > before I take it any further. > > > > The demo site is pointing to a test php.ini file so feel free to play > with > > it. > > > > Regards > > Zac > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
