ID: 161 Updated by: [EMAIL PROTECTED] Reported By: benkovsk at pha dot pvt dot cz Status: Closed -Bug Type: Other +Bug Type: *General Issues Operating System: Digital Unix v3.2D2 PHP Version: 3.0b5 Assigned To: rasmus New Comment:
. Previous Comments: ------------------------------------------------------------------------ [1998-03-15 22:02:17] rasmus Fixed. Patch is available at: http://ca.php.net/cvsweb.cgi/fopen-wrappers.c?r1=1.14&r2=1.15 ------------------------------------------------------------------------ [1998-03-11 08:50:16] benkovsk at pha dot pvt dot cz Hi, I can read root owned files (/etc/passwd) with ReadFile() or File() even if phtml file and dir is owned by non-root user. phpinfo reports safemode=1. Include() in the same script on the same file returns permission error, which is right. BTW: Why there's not a Bug type 'Security'? My config line: ./configure --with-apache=../apache_1.3b5 --with-config-file-path=/usr/internet/apache/conf --disable-debug --enable -safe-mode --with-exec-dir=/usr/internet/apache/safe-bin --enable-memory-limit ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=161&edit=1