patch to php 4.3.10 to disabling URL wrappers in include like statements — PHP

You are here: patch to php 4.3.10 to disabling URL wrappers in include like statements « PHP « IT news, forums, messages

Posted by Tom Z. Meinlschmidt on 03/02/05 09:57

Hi,

I've experienced a lot of attacks in my hosting server due to silly users and
their scripts with holes. So I prepared this little patch to 4.3.10, which
disables using url wrappers in include/include_once/require/require_once
statemens (switchable in php.ini). See readme.security from patch

patch is there:

http://orin.meinlschmidt.org/~znouza/php_patch.txt

comments are welcome

/tom

--
===============================================================================
Tomas Meinlschmidt, SBN3, MCT, MCP, MCP+I, MCSE, NetApp Filer & NetCache
gPG fp: CB78 76D9 210F 256A ADF4 0B02 BECA D462 66AB 6F56 / $ID: 66AB6F56
GCS d-(?) s: a- C++ ULHISC*++++$ P+++>++++ L+++$>++++ E--- W+++$ N++(+) !o
!K w(---) !O !M V PS+ PE Y+ PGP++ t+@ !5 X? R tv b+ !DI D+ G e>+++
h---- r+++ z+++@
===============================================================================

Navigation:

Next in thread: Re: [PHP] patch to php 4.3.10 to disabling URL wrappers in include like statements
Next in forum: Re: [PHP] auto refresh once
Prev in forum: auto refresh once
Thread view: patch to php 4.3.10 to disabling URL wrappers in include like statements

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация