 |
 |
 |
 |
|
|
Date: 01/08/01
- Next message: Wacks, David: "[PHP-DEV] RE: [PHP] Emergency help"
- Previous message: Rasmus Lerdorf: "[PHP-DEV] Re: [PHP-DOC] RE: [PHP-PEAR] CVS ACL's have been activated"
- In reply to: Adam Wright: "[PHP-DEV] Pretty mammoth security issue with safe_mode_exec"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
AW>> If you have safe mode enabled, and have a safe mode exec directory, here's
AW>> how you can execute binarys outside of your safe mode exec directory!
Do you have real code that can do this? Can you post it (with your
settings)? I don't see even how ".." check is useful with current code
that just chops off the path in the safe mode.
-- Stanislav Malyshev, Zend Products Engineer stas <email protected> http://www.zend.com/ +972-3-6139665 ext.115-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Wacks, David: "[PHP-DEV] RE: [PHP] Emergency help"
- Previous message: Rasmus Lerdorf: "[PHP-DEV] Re: [PHP-DOC] RE: [PHP-PEAR] CVS ACL's have been activated"
- In reply to: Adam Wright: "[PHP-DEV] Pretty mammoth security issue with safe_mode_exec"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]