From: [EMAIL PROTECTED] Operating system: linux PHP version: 4.0CVS-2001-09-12 PHP Bug Type: Session related Bug description: static path in php and mm php (from 4.0.6 and the latest cvs code), has PS_MM_PATH statically defined in ext/session/mod_mm.c. This, coupled with hardcoding of only an extension in libmm.so, allows for a very easy DOS on systems that use session management for at least cgi and external binary placements for php, and quite possibly module installation. Is it produceable? sure.. touch /tmp/session_mm.sem (if using php and mm) -- Edit bug report at: http://bugs.php.net/?id=13268&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
