On 02/08/2012 03:35 PM, Ondřej Surý wrote:
This is very wrong to recommend: ; NOTE: If you are using the subdirectory option for storing session files [...] ; find /path/to/sessions -cmin +24 | xargs rm because it is prone to '\n' attack. You can see the security considerations of GNU find.
Can you log a bug for this at https://bugs.php.net/ ? Thanks, Chris -- Email: christopher.jo...@oracle.com Tel: +1 650 506 8630 Blog: http://blogs.oracle.com/opal/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php