> > Yes, but safe_mode guards against one user getting at another's user's
> > data. So again, I fail to see your point here.
>
> No offence but this bullshit.
>
> On a system with safe_mode
> <?php
> show_source("/etc/passwd");
> ?>
>
> Works!! What data did you protect?!
None in this case, but that has nothing to do with the problem. That is
obviously a bug. Did you submit it? The fact is that the problem cannot be
solved purely by UNIX-level permissions. Things like safe-mode or
open_basedir are needed.
And the ISP that is on the ball will add disable_functions = show_source
to their php.ini after reading this message.
-Rasmus
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
