To get around this, I made a small shell script which runs as root. The php page calls the script via the system call. All the shell script does is move a specific file from tmp to a specific location.
I'm probably asking for someone to exploit it, but I don't know exactly what they can do. -Brian -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]