Quoting Michael M Slusarz <slus...@horde.org>:
Quoting Olivier <oliv...@ablinux.com>:
suhosin[2446]: ALERT - ASCII-NUL chars not allowed within request
variables - dropped variable 'view' (attacker 'XXX.XXX.XXX.XXX',
file '.../services/ajax.php')
Still waiting for someone to tell me how a NULL character, by
itself, is a security threat.
What if the variable is expected to be numeric and you start doing math on it?
Isn't the purpose of suhosin to try and catch the stuff developers
didn't catch?
Rick
--
IMP mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
