On 5 Jan 2008 16:33:07 GMT, Paul Hink <[EMAIL PROTECTED]> wrote: > Thomas Hochstein <[EMAIL PROTECTED]> wrote: > > > Raphael Geissert schrieb: > > > >>> disable_functions = dl, phpinfo, system, mail, include, shell_exec, > >>> exec, > >> > >> include()? I don't want to imagine how many scripts will break. > > > > A script that doesn't run is a *very* secure script. > > That depends on the error handling.
Good one! LOL spilling ugly db*connect() errors to the world to see is not very secure indeed. or how about: foo() could not open /etc/my-secret-users file.... -- ----)(----- Luis Mondesi Maestro Debiano ----- START ENCRYPTED BLOCK (Triple-ROT13) ------ Gur Hohagh [Yvahk] qvfgevohgvba oevatf gur fcvevg bs Hohagh gb gur fbsgjner jbeyq. ----- END ENCRYPTED BLOCK (Triple-ROT13) ------ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
