* Thus wrote John W. Holmes ([EMAIL PROTECTED]): > >>You didnt understand. I change save.session_path to other's site session > >>directory, do session_start(), write every variable what i want, write > >>down > >>session number, go to this site and using this generated session. You > >>cannt > >>prevent this ever! > > > Does enabling safe_mode counter any of these writing file issues?
unfortantly no. > > We all know the solution is to have a dedicated server, of course. :) Or a jailed system, usually a bit cheaper for the client. Perhaps that is the best way to go as a hosting company, and only offer a really locked down (disabling a bunch of functions) to simple virtual hosts. Curt -- "I used to think I was indecisive, but now I'm not so sure." -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php