On Thu, 26 Jun 2003, moshe doron wrote:
>
> > limited, so before a check, every segfault *might* have security issues
> > behind...
>
> in the bottom line, there were, there'll and probably there are
> such "security issues" where the dealing is publicly/ in
> contrary there was in the past file uploading issue that cause
> to role pl. where is the difference? the size of the overriding
> memory?
There is a traditional difference between local and remote
exploits.
It is a significant security issue, if a bug can be triggered
by a remote user on any PHP enabled site.
It is of less significance (albeit not completely
irrelevant), if a local user who can create arbitrary PHP
scripts can cause such a event.
- Sascha
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
