On Tue, 2001-12-11 at 14:04, Zeev Suraski wrote:
> At 12:36 11/12/2001, Mathieu Kooiman wrote:
> >On Tue, 2001-12-11 at 11:29, Zeev Suraski wrote:
> > > Would the cwd of the PHP CGI be inside the user's dir? Did you test it in
> > > a real CGI environment?
> > >
> > > Zeev
> >
> >Err, PHP CGI would be in /usr/local/bin/php..
>
> Yeah, but that's not what I asked - I asked about the cwd (current working
> directory :)
>
There are situations where you have like:

/opt/guide/somesite.com/cgi-bin
/opt/guide/somesite.com/htdocs
/opt/guide/somesite.com/logs

cgi-bin and htdocs (2 possible cwds) are under user control.
(if *that*'s what you meant)

> >'Wouter' tells me he has tested it in a real CGI environment.
>
> This is exploitable iff the cwd of PHP when running as a CGI is a directory
> under the user's control.
>
> Zeev

--
PHP Development Mailing List <http://www.php.net/>