Hello Stanislav, I always have control of what I program. I alwayshavecontrol of whichfiles I load. Ergo there is no security issue - WOW.
best regards marcus Sunday, January 14, 2007, 12:03:04 PM, you wrote: MB>>> i also think something should be done here. The is_url flag does not MB>>>really help. What we imho need is an ini setting that allows MB>>>specifying which stream handlers to allow. And that should not include MB>>>user streams. > I don't see how user streams have anything to do with it - if you can > define user stream, you also can run any code you wanted to run through a > stream directly. If you have control over execution engine, you can run > any code, stream or not stream. Best regards, Marcus -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
