[Pmwiki-users] Page Revisions in Safe-Mode

Patrick R. Michaud pmichaud
Sat Oct 18 11:48:43 CDT 2003


On Thu, Oct 16, 2003 at 07:27:44PM -0500, Kenneth P. Turvey wrote:
> ... Yahoo doesn't allow its clients to execute 
> arbitrary executables, only Perl and PHP.

This is just a generic side comment from Pm about security and web
hosting provider policies:

Perl doesn't have the equivalent of PHP's "safe mode" (an incorrectly
named feature, IMHO), so it always strikes me as odd that hosting
providers will disallow calls to external programs in PHP while 
continuing to allow Perl scripts.  I'm sure they and others can come 
up with all sorts of reasons for making this distinction, but it's 
just never seemed well thought out to me.

But, I'm also not naive enough to believe that I can get web hosting
providers to change their policies.  :-)  So, thanks to some excellent 
contributions from some others, PmWiki 0.6 will likely have the option 
to using a PHP-based revision history (diff/patch) engine that doesn't
require calls to external programs.  I'm planning to keep it optional 
because I'm a bit concerned about the possible resource requirements 
(time/memory) for diff processing performed in PHP, especially for large 
pages.

Pm



More information about the pmwiki-users mailing list