Michael Zornek wrote:
> which is scary cause this worked too:
>
> <?PHP
> include("/usr/local/apache/conf/httpd.conf");
> ?>
>
> doesn't this seem like a huge security hole?
No. If you know can trust your scripts, this is possible, but trusted scripts
won't do any abuse, will they?
If you can't trust your scripts, use safe-mode, and it isn't possible any
more.
Wagner
--
One maniac alone can do what 20 together cannot
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
