> And here is your first exploit, let's say we say mysql_real_escape_string() takes tainted data and makes it untainted, what happens when this "safe" data is passed to exec()? You are going to

I'd say you have really weird code if you do mysql_real_escape_string() in order to pass the data to exec() ;)

> need to deal with different levels of taint-untainted and 1 bit is not going to give you that flexibility. You are going to need an int/long, maybe even a long long.

What would be stored in this long long?

--
Stanislav Malyshev, Zend Products Engineer
[EMAIL PROTECTED] http://www.zend.com/

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
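
The following is an added illustration, not code from this thread or from PHP itself: a userland sketch of one reading of the multi-bit idea discussed above, where each bit records an output context a value has been escaped for, so data escaped for SQL is still rejected at an exec()-style sink. The `Tracked` class, the `SAFE_*` constants and the helper functions are hypothetical names; `addslashes()` stands in for `mysql_real_escape_string()`, and PHP 8.1 or later is assumed.

```php
<?php
// Hypothetical per-context flags: one bit per sink type instead of a single taint bit.
const SAFE_SQL   = 1 << 0;
const SAFE_SHELL = 1 << 1;

final class Tracked
{
    public function __construct(
        public readonly string $value,
        public readonly int $safeFor = 0   // 0 = tainted for every context
    ) {}
}

// Each sanitizer returns a new value marked safe for its own context only.
function sql_escape(Tracked $t): Tracked
{
    // addslashes() is a stand-in: mysql_real_escape_string() needs a live connection.
    return new Tracked(addslashes($t->value), SAFE_SQL);
}

function shell_escape(Tracked $t): Tracked
{
    return new Tracked(escapeshellarg($t->value), SAFE_SHELL);
}

// A sink accepts a value only if the bit for its own context is set.
function require_safe(Tracked $t, int $context, string $sink): string
{
    if (($t->safeFor & $context) !== $context) {
        throw new RuntimeException("$sink: value is not marked safe for this context");
    }
    return $t->value;
}

// Reports the sink's decision as a string instead of letting the exception escape.
function check(Tracked $t, int $context, string $sink): string
{
    try {
        require_safe($t, $context, $sink);
        return "$sink: accepted";
    } catch (RuntimeException $e) {
        return $e->getMessage();
    }
}

$input = new Tracked("o'brien; date");     // constructed sample of request data
$sql   = sql_escape($input);

echo check($sql, SAFE_SQL, 'query'), "\n";                  // escaped for SQL, SQL sink
echo check($sql, SAFE_SHELL, 'exec'), "\n";                 // escaped for SQL, shell sink
echo check(shell_escape($input), SAFE_SHELL, 'exec'), "\n"; // escaped for shell, shell sink
```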