At 11:20 12/12/2001, Teodor Cimpoesu wrote: >[rant++] >I don't think it's a problem for a user to make a copy of the php binary >somewhere in any of those dirs, where the cwd at runtime is a writeable dir...
Well, if he can run arbitrary files from his own directories, you're screwed anyway, much more than any PHP related security exploit :) The directories from which the server agrees to run binaries are quite limited. Zeev -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]