[snip]
On Wed, 4 Jun 2003, Jay Blanchard wrote:
> [snip]
> Have register globals set to ON is one way of leaving your script open

> to being exploitable. [/snip]
>
> Please explain this, how does it make it more exploitable? I think 
> that this is only true if the code is sloppy.

Correct, if you properly initialize your internal variables there is
nothing insecure about leaving register_globals on.
[/snip]

Then why has there been such a big deal about register_globals security?
Is it because so much code is sloppy?

Thanks!

Jay

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to