On Thu, 18 Jan 2001, Toby Butzon wrote:
> As a side note, check this link out ;)
> http://[removed]?file=/etc/passwd
>
> --Toby
>
Oh come on. Exposing this file even with shadow passwords in place is still a
HUGE risk, because now your userids are exposed and your system is vulnerable
to a brute-force attack. Never, EVER, do something as silly as this,
especially in a public forum.
--
Ignacio Vazquez-Abrams <[EMAIL PROTECTED]>
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
