Hi,
I wrote this already one time and received some parameters for my apache. but I
think document root etc are all correct in apache. I set safemode etc also on in
php.ini but it seems to ignore those settings completly. here my problem:
I have a big security hole in my php and I cannot get out why:
Operating system: Windows XP
PHP version: 4.1.1
Bug description: Script accesses harddrive. what did I do wrong?
I installed Apache 1.3.20 with PHP and now I saw, a php script can show my
complete harddrive remotly. I don't know if it is a bug in php, I think
not, I think I configured something wrong but I have ABSOLUTLY no idea what
and I didn't find help anywhere. maybe you can tell me what this could be.
thanks a lot
P.S.: how can I configure that scripts only access things in the directory they where
executed or in their subdirs?
chris
__
Darf es ein bisschen mehr sein? Mehr Speicher, mehr Mail, mehr Erlebnis,
mehr Prämie, mehr WEB.DE. Der WEB.DE Club - http://club.web.de
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]