On Mon, 10 Sep 2001, Joey Smith wrote:
> There are quite a few warnings generated which are semi-bogus, because
> the tool being used is picking up PHP function names like chmod() and
> chown()....while there *are* potential problems here
> (see TSRM/tsrm_virtual_cwd.h), the situation is not as bad as it
> appears...
>
> On the other hand, the suggested fixes (ie, using fchown()) require a
> file descriptor being passed in, which will require quite a bit of
> changes to the underlying API (IIUC), so things may just be worse than
> they appear! :)
>
Actually, the report is pretty bogus. It doesn't check for proper
function usage, but rather, where dangerous functions are used. For
example, it reports a warning every time someone uses sprintf()...
Its not something I'd worry about...
-Sterling
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
