* Miroslav Lachman ([EMAIL PROTECTED]) wrote:
> As I reported a year ago - problem occured in 5.1.6 (maybe 5.1.5 - I
> never tried it, I jumped from 5.1.4 to 5.1.6 or newer). Can somebody
> look at PHP sources of those two versions and find the "bad change"?
Handily I have 5.1.4 sources right next to my copy of trunk PHP5;
main/fopen_wrappers.c php_check_specific_open_basedir() is about half
the size there, and doesn't perform any readlink() calls, so it's
probably vulnerable to escaping the basedir using symlinks, but
considerably faster.
--
Thomas 'Freaky' Hurst
http://hur.st/
_______________________________________________
freebsd-performance@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-performance
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
