subject:"\[PHP\] PHP \/ MYSQL security bug"

[PHP] PHP / MYSQL security bug

2002-02-05 Thread Gerard Onorato

Maybe I missed the thread but I was wondering if anyone has seen this report or done any testing on it. We tested it and it seems a pretty valid problem. Can anyone comment on a fix that may be in the works? Gerard -

RE: [PHP] PHP / MYSQL security bug

2002-02-05 Thread James Cox

. --james -- James Cox :: [EMAIL PROTECTED] Was I helpful? http://www.amazon.co.uk/exec/obidos/wishlist/23IVGHQ61RJGO/ -Original Message- From: Gerard Onorato [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 4:00 PM To: [EMAIL PROTECTED] Subject: [PHP] PHP / MYSQL security bug

Re: [PHP] PHP / MYSQL security bug

2002-02-05 Thread Analysis and Solutions

Hi Folks: Gerard Onorato wrote on the PHP-GENERAL mailing list: Security Advisory DW020203-PHP Release: 3rd February 2002 PHP Safe Mode Filesystem Circumvention Problem ... snip ... FIX Currently, no fix exists. ... snip ... A suggested fix for the PHP developers might be to scan