Re: [PHP] session.save_path is a big security hole!

2003-09-05 Thread Raditha Dissanayake
Unfortunately setting quotas (eg for apache user) doesn't prevent flooding out the entire disk. For example I can have running a script that will check user directories every 15 minutes and if some directory will contain a large amount of apache generated files, the user account will be disabled and

[PHP] session.save_path is a big security hole!

2003-09-04 Thread Rx
There's absolutely no control over the session.save_path parameter in PHP. By setting it to any directory he wants, every user can: 1. (!!!) Absolutely easily generate new sessions with any content for every site on the server. 2. Delete other users' sessions by setting gc to 100 and probably legal files

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread Curt Zirzow
* Thus wrote Rx ([EMAIL PROTECTED]): There's absolutely no control over the session.save_path parameter in PHP. By setting it to any directory he wants, every user can: You can set the value with php_admin_value save_path /tmp 1. (!!!) Absolutely easily generate new sessions with any content

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread Rx
Curt Zirzow [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] * Thus wrote Rx ([EMAIL PROTECTED]): There's absolutely no control over the session.save_path parameter in PHP. By setting it to any directory he wants, every user can: You can set the value with php_admin_value save_path

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread Curt Zirzow
* Thus wrote Rx ([EMAIL PROTECTED]): Curt Zirzow [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] * Thus wrote Rx ([EMAIL PROTECTED]): You can set the value with php_admin_value save_path /tmp If I set php_admin_value, the user STILL can change the value with ini_set()! I

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread John W. Holmes
You didn't understand. I change save.session_path to the other site's session directory, do session_start(), write every variable I want, write down the session number, go to this site and use this generated session. You can't prevent this ever! Does enabling safe_mode counter any of these writing

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread Curt Zirzow
* Thus wrote John W. Holmes ([EMAIL PROTECTED]): You didn't understand. I change save.session_path to the other site's session directory, do session_start(), write every variable I want, write down the session number, go to this site and use this generated session. You can't prevent this

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread Raditha Dissanayake
M, very interesting thread, thanks for starting this. Good comments Curt. 1. (!!!) Absolutely easily generate new sessions with any content for every site on the server. It's because of the 'suspect' nature of sessions and cookies that I never place userid, username or password in

Re: [PHP] session.save_path is a big security hole!

2003-09-04 Thread Rx
Raditha Dissanayake [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] M, very interesting thread, thanks for starting this. Good comments Curt. 1. (!!!) Absolutely easily generate new sessions with any content for every site on the server. It's because of the 'suspect'