From: [EMAIL PROTECTED] Operating system: Linux 2.4.18 PHP version: 4.2.0 PHP Bug Type: Scripting Engine problem Bug description: error_log can be used to bypass safe_mode
By doing ini_set('error_log', 'any_path); The user can append data to any
file writeable by the webserver.
--
Edit bug report at http://bugs.php.net/?id=17168&edit=1
--
Fixed in CVS: http://bugs.php.net/fix.php?id=17168&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=17168&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=17168&r=needtrace
Try newer version: http://bugs.php.net/fix.php?id=17168&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=17168&r=support
Expected behavior: http://bugs.php.net/fix.php?id=17168&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=17168&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=17168&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=17168&r=globals
