Full Disclosure mailing list archives
Re: AW: securing php
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 20 Aug 2003 11:07:03 +0200
vogt () hansenet com writes:
You an enable PHP's "Safe Mode", which goes a long way to closing these holes, but it's not a 100% solution.
PHP uses many libraries which were not designed to cope with malicious input from the application. That's why PHP Safe Mode is unsafe *by* *design*. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AW: securing php vogt (Aug 20)
- Re: AW: securing php Florian Weimer (Aug 20)
- Re: securing php Kristian Koehntopp (Aug 20)
- <Possible follow-ups>
- RE: AW: securing php Rainer Gerhards (Aug 20)