ID: 9000
Updated by: david
Old-Status: Open
Status: Closed
Bug Type: *Configuration Issues
Assigned To: 

safe_mode disables ``
safe_mode_exec_dir specifies a base directory for executables
disable_functions allows you to turn disable certain functions completely

Previous Comments:

[2001-01-30 07:47:01] [EMAIL PROTECTED]

Even with open_basedir . configured in php.ini, the following bypasses it with 
concerning ease:

        echo `cat /etc/passwd`;

The fact that open_basedir is in force is obvious when we try fopen ("/etc/passwd", 
"r"), etc - ie, the expected open_basedir error pops up.

Surely this is not a bug?  If so, is there a way to disable backticks?

I'll wait for some kind of response before I send this to the usual support mailing 


ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to