Re: PHP Security Risk?

[Simon <simon () xhz ca>]

It all depends on how you handle the file after it has been uploaded.  Is it 
sent in a public directory, accessible from the web?

Take the following very simple example:

I have a very malicious PHP script that gets all the information I need to crack 
your machine.

I upload it through the upload script you have.
I execute the file because it is now on your server and is public.

The upload in itself is not a problem.  It's what you do with the uploaded data 
that may cause trouble.  Remember to never ever trust what can be input from 
public users (even private users), variables, get/post, files...

HTH,
  Simon

Stephane Auger wrote:

> Hi guys,
>
>   I don't know if this is the right mailing list to ask this, if not
> don't hesitate to warn me.  I'm using a Windows Server 2003 with IIS6
> and PHP5.  Fully patched, by the way.  Someone asked me to enable the
> file-upload function in PHP so people could upload files to his web
> site, which is one of many I host.  Does anyone know if file uploading
> in PHP could cause a security risk on the server?  I know there used to
> be many flaws in the old versions, but I don't know about now... I
> haven't seen anything recent about this.  Thanks for your help!
>
> Stephane Auger