Full Disclosure mailing list archives

Re: Security of suphp

From: Stefan Esser <sesser () hardened-php net>
Date: Mon, 20 Jun 2005 14:37:32 +0200

Hey Bernd,

do yourself a favour and do not use safe_mode. safe_mode is not, was never 
and simply can never be secure. It is deprecated.

There are simply too many ways to break out of safe_mode through 3rd party 
libraries like f.e. libcurl. 

Stefan Esser
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Security of suphp Hanno Böck (Jun 19)
- Re: Security of suphp Andrew Griffiths (Jun 19)
  - Re: Security of suphp Bernd Wurst (Jun 20)
    - Re: Security of suphp Stefan Esser (Jun 20)
    - Re: Security of suphp Bernd Wurst (Jun 20)
    - full-disclosure () lists grok org uk Stefan Esser (Jun 20)