From: [EMAIL PROTECTED]
Operating system: Linux 2.4.18
PHP version: 4.2.0
PHP Bug Type: Scripting Engine problem
Bug description: unlink() bypasses safe_mode & file permissions
unlink() function can be used to delete files that user does not have
permissions to delete.
Ex.
touch test;
ls -l test;
-rw-r--r-- 1 forum forum 0 May 12 10:33 test
ls -l a.php
-rw-rw-rw- 1 www www 35 May 12 10:33 a.php
a.php:
<?php unlink('test'); ?>
after a.php is run via the web the file test is GONE!
--
Edit bug report at http://bugs.php.net/?id=17162&edit=1
--
Fixed in CVS: http://bugs.php.net/fix.php?id=17162&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=17162&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=17162&r=needtrace
Try newer version: http://bugs.php.net/fix.php?id=17162&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=17162&r=support
Expected behavior: http://bugs.php.net/fix.php?id=17162&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=17162&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=17162&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=17162&r=globals
