On Jul 25, 2004, at 11:12 AM, Adam Maccabee Trachtenberg wrote:
On Sun, 25 Jul 2004, Peter Brodersen wrote:
If nobody wants to give an answer to the above, my question would still be:
Is there any way restricting people from retrieving file names (where
open_basedir and safe_mode obviously won't help), besides adding glob to
disable_functions in php.ini?
Why don't you set display_errors to Off? Or am I missing something?
Because I can set them On in my script, then go guessing at filenames on the server.
George
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
