ID:               37970
Updated by:       [EMAIL PROTECTED]
Reported By:      ct at swin dot edu dot au
-Status:          Open
+Status:          Bogus
-Bug Type:        Safe Mode/open_basedir
+Bug Type:        Unknown/Other Function
Operating System: Linux
PHP Version:      5.1.4
New Comment:

Please direct your complaints to the developers of your browser, since
your _BROWSER_ sends the login/password pair and it has *nothing* to do with PHP.

Previous Comments:
------------------------------------------------------------------------

[2006-06-30 04:52:59] ct at swin dot edu dot au

Description:
------------
PHP_AUTH_PW and PHP_AUTH_USER are exposed to other scripts running in a
shared host environment.

Reproduce code:
---------------
user1 has a PHP web page http://www.example.com/~user1 that uses
external authentication via Apache basic authentication.

/home/user1/public_html/.htaccess

AuthType Basic
AuthName "This is a test"
AuthUserfile /home/user1/public_html/.htpasswd
Require valid-user

user2 has a PHP page http://www.example.com/~user2 that prints out
$_SERVER

A user visits http://www.example.com/~user1 (No trailing slash) and
enters their username/password in the popup window.

The user then visits http://www.example.com/~user2. Their password is
then exposed to this script.

This does not happen if the URL of the page asking for authentication
has an appended slash. Eg. http://www.example.com/~user/.

Expected result:
----------------
PHP_AUTH_USER and PHP_AUTH_PW should not be exposed to other users'
scripts on a shared host.

Actual result:
--------------
PHP_AUTH_USER and PHP_AUTH_PW are exposed to the script even when safe_mode
is enabled.

------------------------------------------------------------------------

-- 
Edit this bug report at http://bugs.php.net/?id=37970&edit=1
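
Added example, not part of the bug report or of PHP: a model of the client-side Basic authentication scope rule from RFC 7617 section 2.2, which matches the trailing-slash difference in the report and shows why per-user paths on one origin do not isolate Basic credentials. The BasicAuthCache class, the function names, and the user name and password are constructed for illustration.

```javascript
// RFC 7617 section 2.2: the authentication scope of an authenticated request
// is its URI with every character after the last "/" of the path removed.
function authScope(requestUrl) {
  const u = new URL(requestUrl);
  const dir = u.pathname.slice(0, u.pathname.lastIndexOf("/") + 1);
  return u.origin + dir;
}

// A client may assume any URI that prefix-matches the scope is in the same
// protection space and send the cached credentials without being asked.
function inScope(scope, targetUrl) {
  const t = new URL(targetUrl);
  return (t.origin + t.pathname).startsWith(scope);
}

// Constructed model of one browser session's credential cache.
class BasicAuthCache {
  constructor() { this.entries = []; }

  // Record credentials after a request that authenticated successfully.
  remember(requestUrl, user, password) {
    this.entries.push({ scope: authScope(requestUrl), user, password });
  }

  // Authorization header the client would attach to targetUrl, or null.
  headerFor(targetUrl) {
    const hit = this.entries
      .filter((e) => inScope(e.scope, targetUrl))
      .sort((a, b) => b.scope.length - a.scope.length)[0]; // longest scope wins
    if (!hit) return null;
    const token = Buffer.from(`${hit.user}:${hit.password}`).toString("base64");
    return `Basic ${token}`;
  }
}

// The two cases from the report, with constructed credentials.
function leaksTo(loginUrl, otherUrl) {
  const cache = new BasicAuthCache();
  cache.remember(loginUrl, "alice", "s3cret");
  return cache.headerFor(otherUrl) !== null;
}

const other = "http://www.example.com/~user2";
console.log("no slash:  ", authScope("http://www.example.com/~user1"),
            "sent to ~user2:", leaksTo("http://www.example.com/~user1", other));
console.log("with slash:", authScope("http://www.example.com/~user1/"),
            "sent to ~user2:", leaksTo("http://www.example.com/~user1/", other));
```

Under this rule, separating tenants by hostname rather than by path keeps one user's Basic credentials out of another user's scripts.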