Re: PHP Security Advisory - Apache Module bugs

[Javi Polo <javipolo () ONINET ES>]

On 12/Jan/2001, Zeev Suraski wrote:

> [2] PHP supports the ability to be installed, and yet disabled, by setting
> the configuration option 'engine = off'.  Due to a bug in the Apache module
> version of PHP, if one or more virtual hosts within a single Apache server
> were configured with engine=off, this value could 'propagate' to other
> virtual hosts.  Because setting this option to 'off' disables execution of

I've been using for some months this settings (php default off, and then
enabling it in the virtualdomains that I want) and I've had no problem at
all ...

Are there any more known circumstances when it happens ??

--
Javi Polo - javipolo () ivworlds org - navo - DrSlump
Proud member of the Panda Gey Community (powered by linux)
http://javipolo.ivworlds.org/