eheh, yes, very dangerous, imagine that one user put this on username form field
"; echo root:x:0:0:root:/root:/bin/bash > /etc/passwd" or things like that :) -----Mensaje original----- De: Ray Hunter [mailto:[EMAIL PROTECTED] Enviado el: miércoles, 01 de octubre de 2003 16:06 Para: nabil CC: [EMAIL PROTECTED] Asunto: Re: [PHP] exec command Importancia: Baja > I want to execute > #useradd -d /home/all -g wahtever -s /bin/bash newuser You have to be root to add a user to the system...and just a heads up...you might want to rethink doing this from apache or php. The security implications alone make me cringe. -- Ray -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
