ID:               40030
 User updated by:  admin at digibase dot ca
 Reported By:      admin at digibase dot ca
 Status:           Open
 Bug Type:         Scripting Engine problem
 Operating System: Linux
 PHP Version:      5.2.1RC2
 New Comment:

I was unclear on the situation - This is code being 
executed from IRC via the CLI; when someone, per se, 
says "status `rm`" it actually tries doing that specific 
code.


Previous Comments:
------------------------------------------------------------------------

[2007-01-05 11:36:08] admin at digibase dot ca

Description:
------------
Whenever I attempt to escape any code, backticks still 
execute without a problem - whenever I execute it from the 
CLI (Where I want it to execute from), it accepts 
injection no matter WHAT I do

It seems as if there's only one way to disable this, which 
is enable safe mode, however, that presents problems, it 
disables functions I want enabled and causes problems on 
the webserver attached.

Reproduce code:
---------------
$text = escapeshellarg(escapeshellcmd(strtolower($text)));

Expected result:
----------------
Filter out and prevent injection of arbitrary code while 
sending the clean text on for processing in an 
if/elseif/else tree

Actual result:
--------------
When run like

php ./script status && `rm`

rm actually decides to run. Not under privileges, but it 
can cause damage


------------------------------------------------------------------------
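The reproduce line above shows why the escaping in the script has no effect: `&&` and the backticks are interpreted by the shell that builds the `php ./script ...` command line, before PHP ever receives `$text`, so the quoting has to happen in the process that spawns the CLI script. The following is an added example, not code from the report; it assumes an IRC bot that forwards user text to `./script` through `shell_exec()`, and the names `$ircText`, `runStatusScriptUnsafe()` and `runStatusScript()` are invented.

```php
<?php
// Added example: where the escaping has to live.
// Assumption: an IRC bot hands the user's text to ./script via the shell.

// VULNERABLE: the IRC text is spliced raw into the command line. The shell
// sees "php ./script status && `rm`" and runs `rm` before PHP even starts,
// so nothing ./script does with escapeshellcmd()/escapeshellarg() can help.
function runStatusScriptUnsafe(string $ircText): string
{
    return (string) shell_exec('php ./script ' . $ircText);
}

// HARDENED: decide in the bot which sub-command is allowed, then quote every
// user-supplied word with escapeshellarg() *in the caller*. The shell now
// receives single-quoted strings, so &&, ;, | and backticks are plain text
// and each word becomes exactly one argv entry for ./script.
function runStatusScript(string $ircText): string
{
    $allowed = ['status', 'help', 'uptime'];        // commands ./script accepts
    $parts   = preg_split('/\s+/', trim($ircText), 2);
    $cmd     = strtolower($parts[0] ?? '');
    $arg     = $parts[1] ?? '';

    if (!in_array($cmd, $allowed, true)) {
        return "unknown command\n";                 // reject instead of forwarding
    }

    $cmdline = 'php ./script ' . escapeshellarg($cmd) . ' ' . escapeshellarg($arg);
    return (string) shell_exec($cmdline);
}

// Demonstration with the reporter's input: the hardened path passes the
// literal string "`rm`" to ./script as $argv[2]; no shell command is run.
$input = 'status && `rm`';
echo runStatusScript($input);
// On PHP 7.4+ the shell can be avoided entirely by giving proc_open() an
// array command, e.g. proc_open(['php', './script', $cmd, $arg], ...),
// which makes escapeshellarg() unnecessary for this call.
```

Inside `./script`, `$argv[1]` and `$argv[2]` then arrive already separated, and the script only needs its own escaping if it builds a further shell command from them.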


-- 
Edit this bug report at http://bugs.php.net/?id=40030&edit=1