Next: Configuring safe php Up: PHP4 Configuration Previous: PHP4 Configuration Contents
PHP is a powerful script language, allows its user to have enough control over the system and to malicious attackers too many options to reach its objective.
An system administrator does not have to suppose that a system is completely safe with only having installed security updates, a system that shows code to the outside is not safe, although the result is HTML, it is exposed to attacks of very diverse forms and not known failures of security.
Limit to the maximum the access that allows php is then a necessity.