Hello Jan G.B.,

On 2010-04-26 11:52:02, you hacked down the following:
> I would recommend not to let any user input to your shell. This piece
> of code is very insecure as any client may manipulate the shell
> command at will.

It is only a simplified example... The original shell_exec() is more
complicated and I have no absolute paths (they are mostly all dynamic).

> You don't want people to take over your server that easily.

:-)

> See http://www.php.net/escapeshellcmd and alike.

I know

Thanks, Greetings and nice Day/Evening
    Michelle Konzack
    Systemadministrator

-- 
##################### Debian GNU/Linux Consultant ######################
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France           itsyst...@tdnet UG (haftungsbeschränkt)
Gesch. Michelle Konzack          Gesch. Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz               Kinzigstraße 17
67100 Strasbourg/France         77694 Kehl/Germany
Tel: +33-6-61925193 mobil       Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

<http://www.itsystems.tamay-dogan.net/>  <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/>         <http://www.can4linux.org/>

Jabber linux4miche...@jabber.ccc.de
ICQ    #328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/
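
The advice quoted in this message, applied to a shell_exec() call with a dynamic path; this is an added example, not code from the thread. The function name `build_listing_command`, the `ls` command and the demo directory are hypothetical, and it assumes a Unix-like host where the only client-controlled part of the command is a file name below one base directory.

```php
<?php
declare(strict_types=1);

// Added example; all names here are hypothetical, not from the thread.
function build_listing_command(string $baseDir, string $userPath): string
{
    // Resolve symlinks and ".." segments before comparing anything.
    $base = realpath($baseDir);
    $full = realpath($baseDir . DIRECTORY_SEPARATOR . $userPath);
    if ($base === false || $full === false) {
        throw new InvalidArgumentException('no such file');
    }
    // Containment check: the resolved path must stay below the base directory.
    if (strncmp($full, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new InvalidArgumentException('path leaves base directory');
    }
    // escapeshellarg() quotes the value as one argument; "--" ends option
    // parsing so a name beginning with "-" is not read as a flag.
    return 'ls -l -- ' . escapeshellarg($full);
}

// Constructed demo data in a temporary directory.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'shell_demo_' . getmypid();
mkdir($base);
file_put_contents($base . DIRECTORY_SEPARATOR . 'notes.txt', "demo\n");

// Constructed inputs: one legitimate name and three that must be refused.
foreach (['notes.txt', 'notes.txt; echo injected', '..', '-la'] as $in) {
    try {
        $cmd = build_listing_command($base, $in);
        echo "accepted: $cmd\n", shell_exec($cmd);
    } catch (InvalidArgumentException $e) {
        echo 'rejected ', var_export($in, true), ': ', $e->getMessage(), "\n";
    }
}

// escapeshellcmd() escapes metacharacters such as ";" but leaves spaces alone,
// so extra arguments still reach the program. escapeshellarg() yields exactly
// one argument. Both strings are only printed here, not executed.
$in = 'notes.txt -R /';
echo escapeshellcmd('ls -l ' . $in), "\n";
echo 'ls -l -- ' . escapeshellarg($in), "\n";

unlink($base . DIRECTORY_SEPARATOR . 'notes.txt');
rmdir($base);
```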
