Matthias Pigulla wrote:
Well, safe_mode could prevent someone of doing a shell_exec("cat
/home/otheruser/web/config.php"); open_basedir can't do the same
thing.
We were in a continual losing race against that sort of thing though.
In pretty much every single release there have been ways to
d
That's why you can't assure security...
Please read: ... this special type of security...
Regards,
A.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Am 25.11.2005 um 10:51 schrieb Matthias Pigulla:
Because of bugs in the safe_mode implementation (forgetting some
checks?) or conceptual problems?
Safe mode doesn't work 'cos there are lots of third party libraries
which PHP relies on and don't take care of the safe mode. That's why
you c
Actually, three: code blocks, interpolation of complex variables, and
string indexing.
- Andrei
On Nov 24, 2005, at 3:22 AM, Jani Taskinen wrote:
True. But having two purposes for {} is not good either.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http:
On Thu, 24 Nov 2005, Matthias Pigulla wrote:
Admittedly this is ugly to read but the same thing on the other side is
$var[$x][$y] vs. $var[$x]{$y}.
True. But having two purposes for {} is not good either.
And most of the time it's up to the coders how they use the existing
features
