Am 13.08.2013 21:36, schrieb Stefan Kanthak: >> *define what is secure* and make sure you define it by context >> >> unlink('file_my_script_wrote'); is fine > > No, its UNSAFE! > The standard use case of PHP is "preprocessor for HTTP demon". > There is ABSOLUTELY no need to allow the preprocessor to unlink a file. come back to reality the standard usecase of PHP is develop WEB-APPLICATIONS which are typically deal with file-uploads and such things, you can whine about it but *that is* the usecase of PHP >> unlink($_GET['what_ever_input']): is a security hole > > No, not necessarily. The user who can run > > $ php -r "unlink($_GET['what_ever_input']);" > > can also run > > $ rm "$SOMEFILE" if you would have a clue what are you speaking about you would know what $_GET is - hint: it has nothing to do with a terminal > OTOH: the user who can instruct his web browser to fetch > <http://example.org/index.html> is not able to unlink $SOMEFILE by > calling "rm". wow - without you explaining the world that statically html pages are safe we would go down - genius for that you do not need suEXEC, perl, PHP or whatever at all >> so do we now disable unlink(); > > Not WE, but the developer. > All functions which are not used in the typical operating > environment of the resp. program (see above) have to be turned > off by default. "file handling" is NONE of PHPs typical operations! why do people which never wrote a serious web-application not simply shut up in this thread?
Description: OpenPGP digital signature