| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.44.0209251106380.17418-100000@kerri.darla.co.uk> From: gossi at lab6.com (Gossi The Dog) Subject: Re: Information Disclosure with Invision Board installation (fwd) On Wed, 25 Sep 2002, Ka wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > At Mittwoch, 25. September 2002 01:55 Rossen wrote: > > Fortunately phpinfo() is disabled in safe mode, > > which is a must for a "production server". > > Good idea. But this is not happening on apache > mod_php4 or am I missing something? > > - ------------ output from phpinfo() ---------- > PHP Version 4.0.6 > ... > Directive Local Value Master Value > ... > safe_mode On On > - --------------------------------------------- I've checked this with PHP4 too, and get the same behaviour. I presume phpinfo() can be disabled somewhere in the conf files for safe mode. Is it by default, one wonders.
Powered by blists - more mailing lists