Raphael Geissert schrieb:
disable_functions = dl, phpinfo, system, mail, include, shell_exec, exec,
include()? I don't want to imagine how many scripts will break.
A script that doesn't run is a *very* secure script.
-thh
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
On Don, 2008-01-03 at 22:54 +0100, Moritz Muehlenhoff wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1447-1 [EMAIL PROTECTED]
http://www.debian.org/security/
On Sat Jan 05, 2008 at 15:11:22 +, Steve Kemp wrote:
-
Debian Security Advisory DSA-1448-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
January 05, 2008
Thomas Hochstein [EMAIL PROTECTED] wrote:
Raphael Geissert schrieb:
disable_functions = dl, phpinfo, system, mail, include, shell_exec,
exec,
include()? I don't want to imagine how many scripts will break.
A script that doesn't run is a *very* secure script.
That depends on the error
On 5 Jan 2008 16:33:07 GMT, Paul Hink [EMAIL PROTECTED] wrote:
Thomas Hochstein [EMAIL PROTECTED] wrote:
Raphael Geissert schrieb:
disable_functions = dl, phpinfo, system, mail, include, shell_exec,
exec,
include()? I don't want to imagine how many scripts will break.
A script
Quoting Luis Mondesi ([EMAIL PROTECTED]):
Good one! LOL
spilling ugly db*connect() errors to the world to see is not very
secure indeed. or how about: foo() could not open /etc/my-secret-users
file
Which is of course why you also want these in php.ini:
log_errors = On
error_log =
6 matches
Mail list logo