Hi.
I've (or rather the company I work for) recently transferred to a new new
PHP host (www.hotchilli.com). All is fine, but they do not allow file
uploads via a form, stating the following security risk:
Arbitrary file disclosure through PHP file upload
http://www.net-security.org/text/bugs/968074710,61298,.shtml
The following, posted by Zeev, would seem to suggest that the above has been
solved some time ago:
http://www.securityfocus.com/templates/archive.pike?list=1&mid=80197
Hotchilli also state that 'we have been advised in addition to this by the
developers of PHP who we work with quite closely to disable the function on
'all' shared servers.'
So. Could someone please tell me if this bug has been solved and if so, in
what version?
Cheers,
-Toby Goldstone / [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
