Liam MacKenzie wrote:
> And also...
> How do I go about securing PHP functions. For example, at the moment Joe
> can upload a PHP script that deletes /etc/named.conf. NOT GOOD!
Surely this is a general security issue? If an ordinary user is allowed
to delete /etc/named.conf (whether by PHP, Perl or a command line "rm
/etc/named.conf") then the permissions are not right (only root normally
having write permission). Joe may be able to run a script that _tries_
to delete /etc/named.conf but the permissions should not allow it.
Or am I missing something?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php