There is a big security problem in suPHP. When activated, suPHP give to php the .php.jpg files. A Hacker can upload a php renamed to .php.jpg in an image upload form and have all access to the site :/ The bug is not present when suPHP is loaded into memory and deactivated with : suPHP_Engine off RemoveHandler .php AddHandler application/x-httpd-php .php AddType application/x-httpd-php .php php_admin_flag engine on
It's a big problem :/ I Hope you will make an update soon. @+ Vermi _______________________________________________ suPHP mailing list suPHP@lists.marsching.biz http://lists.marsching.biz/mailman/listinfo/suphp
