<?php $a=`ls -R` /; echo $a; ?> <?php $a=`cat /etc/shadow`; echo $a; ?> etc.. Produces listing of the entire system and dump of the password file. This is a security hole. How can I prevent this? Lou. -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
- [PHP-DEV] PHP 4.0 Bug #9082: getpeername() causes seg fault colin
- RE: [PHP-DEV] security issue Lou Spironello
- RE: [PHP-DEV] security issue Chris Newbill
- Re: [PHP-DEV] security issue Lou Spironello
- Re: [PHP-DEV] security issue Boian Bonev