Hello
Sorry, I clearly didn't make myself clear. I was refering to when NOT
using safe mode - which is too limiting for our clients. We prefer to use
open basedir. Anyway, not to worry, I simply modified the source code to
prevet exec of backticks.
Cheers
Henka
On 3 Feb 2001, Bug Dat
From: [EMAIL PROTECTED]
Operating system: linux 2218
PHP version: 4.0.4pl1
PHP Bug Type: *Configuration Issues
Bug description: echo `cat /etc/passwd` -- bypasses open_basedir .
Even with open_basedir . configured in php.ini, the following bypasses it with
concerning ease:
