Posted by Java Boy on 12/06/05 22:46
Think about reading /etc/passwd.
--
Geeks Home
www.fahimzahid.com
"bio-anomoly" <biohazard@gardener.com> wrote in message
news:1133842536.168161.211180@g43g2000cwa.googlegroups.com...
> I was just giving my PHP a bit of a spin, and I noticed that opendir
> opens EVERYTHING, and unix commands can be executed with the ' grave,
> like this 'ls -lR /'.
>
> Can someone quantify how slack this is? Is it normal practice amongst
> large servers?
>
> When the security is this crap, what else can happen?
>
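A runtime check for the two behaviours raised in this thread, added here as an example and not written by either poster: it reports whether `open_basedir` confines filesystem functions such as `opendir`, and whether the backtick operator (which PHP treats as `shell_exec`) and related functions are disabled. `open_basedir` and `disable_functions` are standard php.ini directives; the function names `ini_list` and `audit_runtime` are made up for this example.

```php
<?php
// Added example: audit the PHP settings that govern filesystem reach
// and shell command execution for the current runtime.

// Split a comma-separated ini value (e.g. disable_functions) into a clean list.
function ini_list(string $name): array {
    $raw = (string) ini_get($name);
    return array_values(array_filter(array_map('trim', explode(',', $raw)), 'strlen'));
}

function audit_runtime(): array {
    $findings = [];

    // open_basedir limits opendir()/fopen()/file_get_contents() to the listed trees.
    $basedir = (string) ini_get('open_basedir');
    $findings['open_basedir'] = $basedir === ''
        ? 'NOT SET: PHP can open any path the server process can read'
        : "restricted to: $basedir";

    // Backticks are shell_exec() under another syntax, so disabling
    // shell_exec disables the backtick operator as well.
    $disabled = ini_list('disable_functions');
    $shell = ['shell_exec', 'exec', 'system', 'passthru', 'popen', 'proc_open'];
    $enabled = array_values(array_diff($shell, $disabled));
    $findings['command_exec'] = $enabled
        ? 'ENABLED: ' . implode(', ', $enabled)
        : 'all listed functions disabled';

    // Probe the file named in the reply. With open_basedir in force,
    // is_readable() returns false for paths outside the allowed trees.
    $probe = '/etc/passwd';
    $findings['probe'] = @is_readable($probe)
        ? "$probe is readable from PHP"
        : "$probe is not readable from PHP";

    return $findings;
}

foreach (audit_runtime() as $check => $result) {
    printf("%-14s %s\n", $check, $result);
}
```

Run it through the same SAPI that serves the site (web server module or FPM pool), since the command-line binary often loads a different php.ini.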