|
|
Posted by Jerry Stuckle on 01/27/07 03:32
Dave wrote:
>
> On Jan 25, 5:54 pm, gordonb.zi...@burditt.org (Gordon Burditt) wrote:
>>> In PHP 4.4, what is the most secure server configuration while keeping
>>> REGISTER_GLOBALS on?Completely disconnected from the network?
>> Powered off?
>
> lol
>
> Ok, what's the least vulnerable usable configuration with
> REGISTER_GLOBALS on?
>
There is none.
> A more specific question is with the server at it's least vulnerable
> configuration, is it possible to gain read/write access to the server
> file system through poorly coded PHP using REGISTER_GLOBALS?
>
It's possible to do anything with poorly written PHP code.
If your hosting company is running with it on, it's time to find another
hosting company.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
[Back to original message]
|