Hi,

Can anyone tell me whether they run PHP in safe mode on their servers and if so what are the advantages and disadvantages?

Regards
Ben

Security. If you leave safe mode off I could write a script that emulates the command line and execute commands and view sensitive data on your machine. I could say for example run a less /etc/passwd --- Safe mode is good if left on and then if users need permissions give them access that way. Also there are a few key functions you should disable like exec and a few more. Search arround for this. Good luck! Keep safe mode on!:D

Yes, read more at
http://www.php.net/manual/en/features.safe-mode.php

The good thing is you have it turned on/off for different VirtualHosts, like I have it turned off for my own accounts ( hehe ) and on for my customer

Look at bottom of the page I linked to, there is an example of httpd.conf per VirtualHost

Another way to run PHP securely is by using CGI mode of PHP combined with suexec. This way you don't need to restrict certain PHP features. It is a bit slower however.

If your host have the php standalone binary installed, you can use it for CGI mode PHP. Use this if you feel safe_mode is to restrictive for you.