From: [EMAIL PROTECTED] Operating system: Linux PHP version: 4.0.4pl1 PHP Bug Type: Directory function related Bug description: Security Hole on ChDir() ChDir() can be use to enter a directory which belongs to others. Hackers can use this hole to break the SafeMode and OpenBaseDir restriction and enter and view and even open files in someone else' directory. In a multiuser environment where users must have some files with the same owner( such as 'nobody', to handle file-upload tasks), this hole is extremely dangerous. -- Edit Bug report at: http://bugs.php.net/?id=11570&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
