On Thu, May 22, 2008 at 5:50 AM, william <[EMAIL PROTECTED]> wrote: > Btw, could you tell me how does full paths increase security ?
It prevents some attacks based on tricking your application into working on different files. If you don't assume a certain working directory, you won't be compromised if someone finds a way to change it. Using absolute paths is pretty common advice, e.g.: http://advosys.ca/papers/web-security.html#absolute - Perrin