Hi guys, On the nginx mailing list, there is an interesting conversation about the usage of php through fastcgi with nginx which can cause a security hole: http://forum.nginx.org/read.php?2,88845
I don't really know the origin of the fix_pathinfo ini variable. So I don't know if it's really a bug or a mis-configuration. What do you think ? ++ Jerome -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
