This is not a feature reuqest per se, but rather a
feature request for the documentation.
I understand that it's not possible to change gallery
to enable PHP safe_mode to be on, but there are a
number of other PHP configuration options that have a
huge security impact too.
It would be really helpful if you could extend your
documentation and list the possible/recommended
settings for these options so gallery still runs, but
doesn't make my system any more insecure as absolutely
necessary. ;-)
So how about these:
register_globals off
open_basedir = ??
allow_url_fopen off
disable_functions = dl, phpinfo
In addition, it would be nice to have this config
readymade in a local .htaccess in the gallery folder
(or maybe a different on for the setup folder), so I
don't have to loosen the global settings for all php
applications.
Logged In: YES
user_id=978504
We're working on letting Gallery 2 work with limited
functionality when safe_mode is on, I'm hoping some good
docs will come out of this.
Logged In: YES
user_id=942712
Originator: NO
Update regard safe mode:
Noone worked / works officially on safe mode support. We had a proposal for a "Summer of Code" project, but such a project has been realized.