Guys: This is a rather meaningless thread. It is a security issue that is displaced.
Anybody can take down his own machine with a couple of lines of code. It is not the (entire) responsibility of the language to protect the machine from resource exhaustion or whatever. In security, you have the concept of the trusted user, and the users on my machine I trust. If you are running a public server, you just don't let any code go on to the machine if it is not from a trusted user. The only alternative is for the server owner to inspect the code in order to trust the code, if he does not trust the user. If a server owner lets script kiddies on the server, it is a security issue, not a PHP issue. If the originator of this thread thinks this is a weakness in PHP with the posted code, he is mistaken. _justin -- Justin Farnsworth Eye Integrated Communications 321 South Evans - Suite 203 Greenville, NC 27858 | Tel: (252) 353-0722 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php