Right, so I think the only issue would be when we hide the path to {main} and
anything relative to that. The trade-off would be that the developer will need
to be familiar with his/her own directory structure. After thinking about it
some more, there is the possibility that there are multiple sc
Hi,
Currently the only real "solution" to Full Path Disclosure vulnerabilities in
software developed in PHP is to keep display_errors disabled. Even if a
developer wishes to prevent disclosures at the application level instead, it is
not currently possible with the current implementation of
