Bugtraq mailing list archives
Re: PHP Security Advisory - Apache Module bugs
From: Javi Polo <javipolo () ONINET ES>
Date: Tue, 16 Jan 2001 10:27:25 +0100
On 12/Jan/2001, Zeev Suraski wrote:
[2] PHP supports the ability to be installed, and yet disabled, by setting the configuration option 'engine = off'. Due to a bug in the Apache module version of PHP, if one or more virtual hosts within a single Apache server were configured with engine=off, this value could 'propagate' to other virtual hosts. Because setting this option to 'off' disables execution of
I've been using for some months this settings (php default off, and then enabling it in the virtualdomains that I want) and I've had no problem at all ... Are there any more known circumstances when it happens ?? -- Javi Polo - javipolo () ivworlds org - navo - DrSlump Proud member of the Panda Gey Community (powered by linux) http://javipolo.ivworlds.org/
Current thread:
- Re: PHP Security Advisory - Apache Module bugs Javi Polo (Jan 16)
- Re: PHP Security Advisory - Apache Module bugs Matthew Keller (Jan 16)
- Re: PHP Security Advisory - Apache Module bugs James Moore (Jan 16)