HOME Community Articles Code Library People Mail Archive My Account Contribute PHP Jobs

Open Source Database Feature Comparison Matrix Try Declarative Programming with Annotations and Aspects Locate All Stored Procedures and Their Objects/SQL Tables Building a Stored Procedure Generator Making Tables Read-only in Oracle

24-hour Support Daily Backup Dedicated Servers JSP/Java Servlets PHP MySQL Streaming Audio/Video Telnet/SSH Unix Hosting 24-hour Support

From: wangshui <email protected>
Date: 06/20/01

• Next message: Rasmus Lerdorf: "Re: [PHP-DEV] bug/dev"
• Previous message: Brian Tanner: "RE: [PHP-DEV] Totally Blue Sky"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: wangshui <email protected>
Operating system: Linux
PHP version: 4.0.4pl1
PHP Bug Type: Directory function related
Bug description: Security Hole on ChDir()

ChDir() can be use to enter a directory which belongs to others. Hackers can use this hole to break the SafeMode and OpenBaseDir restriction and enter and view and even open files in someone else' directory.
In a multiuser environment where users must have some files with the same owner( such as 'nobody', to handle file-upload tasks), this hole is extremely dangerous.

-- 
Edit Bug report at: http://bugs.php.net/?id=11570&edit=1
-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

• Next message: Rasmus Lerdorf: "Re: [PHP-DEV] bug/dev"
• Previous message: Brian Tanner: "RE: [PHP-DEV] Totally Blue Sky"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]