But, really, can somebody be both smart enough to get SMB to even
work, then manage to mount somebody else's untrusted drive or be dumb
enough to let somebody else mount their own SMB drive, and then
include() it i their PHP code? How likely is this scenario?
AFAIK, in order to use \\IP\share\file you do not need to do anything
for the client machine on windows - it would work out of the box
provided target computer allows anonymous SMB and TCP/IP access to it is
available. You do not need to mount it or anything. It would take some
skill to set the SMB server, but not much more than setting http
server.
Setting it as a drive letter, however, requires some client effort, so I
think it's where the line should be drawn - letter OK, \\IP not OK. It's
also something we can easily do :)
--
Stanislav Malyshev, Zend Products Engineer
[EMAIL PROTECTED] http://www.zend.com/
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
