[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Security of suphp

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Security of suphp
From: Stefan Esser <sesser@xxxxxxxxxxxxxxxx>
Date: Mon, 20 Jun 2005 14:37:32 +0200

Hey Bernd,

do yourself a favour and do not use safe_mode. safe_mode is not, was never 
and simply can never be secure. It is deprecated.

There are simply too many ways to break out of safe_mode through 3rd party 
libraries like f.e. libcurl. 

Stefan Esser
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Security of suphp
  - From: Bernd Wurst

References:
- Re: [Full-disclosure] Security of suphp
  - From: Bernd Wurst

Prev by Date: Re: [Full-disclosure] Security of phpBB
Next by Date: Re: [Full-disclosure] Security of phpBB
Previous by thread: Re: [Full-disclosure] Security of suphp
Next by thread: Re: [Full-disclosure] Security of suphp
Index(es):
- Date
- Thread