Bug 59916
Summary: | PHP in safe mode can read all the server contents | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Renato <renato> |
Component: | mysql | Assignee: | Patrick Macdonald <patrickm> |
Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.2 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2002-02-27 13:53:57 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Renato
2002-02-14 20:26:06 UTC
rpm -q php I need to know which one it is please cheers Phil =--= php: 4.0.6-7 php-mysql: 4.0.6-7 It's configured as a module in Apache. This is not a bug in PHP. This is a potential bug with MySQL, but php' safe mode cannot prevent this. PHP can only protect internal php functions, and mysql_* use the mysql client library. I'm moving this to the MySQL component, as it can only be handled there. This is not a bug in mysql, it does what you want and it can do. Don't set up unsafe scripts |