Bug #17163: rename() bypasses safe_mode

Sun, 12 May 2002 07:42:59 -0700 

From:             [EMAIL PROTECTED]
Operating system: Linux 2.4.18
PHP version:      4.2.0
PHP Bug Type:     Scripting Engine problem
Bug description:  rename() bypasses safe_mode

rename() function can be used to rename files a user has no access to
according to safe_mode.

Ex.

touch test
<?php rename('test', 'test2'); ?>
-- 
Edit bug report at http://bugs.php.net/?id=17163&edit=1
-- 
Fixed in CVS:        http://bugs.php.net/fix.php?id=17163&r=fixedcvs
Fixed in release:    http://bugs.php.net/fix.php?id=17163&r=alreadyfixed
Need backtrace:      http://bugs.php.net/fix.php?id=17163&r=needtrace
Try newer version:   http://bugs.php.net/fix.php?id=17163&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=17163&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=17163&r=notwrong
Not enough info:     http://bugs.php.net/fix.php?id=17163&r=notenoughinfo
Submitted twice:     http://bugs.php.net/fix.php?id=17163&r=submittedtwice
register_globals:    http://bugs.php.net/fix.php?id=17163&r=globals

Reply via email to