mailing list archives
Re: VERY HIGH VULNERABILITY DISCLOSURE !!! MASS ROOT POSSIBLE !!! PLEASE BE ATTENTIVE !!!
From: Rudolf Polzer <divzero () gmail com>
Date: Sat, 3 Jul 2004 18:18:59 +0200
On Sat, 3 Jul 2004 12:56:50 +0200, Maarten <fulldisc () ultratux org> wrote:
Indeed. But the fact that many READMEs of php code still say something like
"Sadly, there is a bug in <distribution foobar> in the php.ini file. Set
register_globals to ON, otherwise this software will not function."
That they even dare calling it a "bug" is beyond arrogance.
IMHO it will be nice if one could override some php.ini settings on a
per-script basis. For example at parsing time using a comment like
of course not all settings should be able to be overridden...
Full-Disclosure - We believe in it.