Re: PHP Command/Safemode Exploit

[Christopher Kunz <christopher.kunz () hardened-php net>]

Christopher Kunz wrote:

> If you filter user input correctly, there's absolutely nothing to worry. 
> You might, however, want to check out the Hardening Patch for PHP 
> (http://www.hardened-php.net/, shameless plug) which permits include() 

"disallows", of course. It has been a long week, I apologize.

--ck
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/