ID: 17156
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
-Status: Open
+Status: Closed
Bug Type: Scripting Engine problem
Operating System: Linux 2.4.18
PHP Version: 4.2.0
New Comment:
Fixed in CVS (for all functions with a safemode_include_dir switch).
Note that this was only a problem if the safemode_include_dir was not
defined in the php.ini file.
Previous Comments:
------------------------------------------------------------------------
[2002-05-11 15:22:23] [EMAIL PROTECTED]
If a readfile() function is passed 2nd parameter it can be used to read
ANY file on the system regardless of safe_mode.
ex.
<?php
readfile('/etc/passwd', 1);
?>
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=17156&edit=1
