Full Disclosure mailing list archives
Re: Information Disclosure with Invision Board installation (fwd)
From: gossi () lab6 com (Gossi The Dog)
Date: Wed, 25 Sep 2002 11:13:27 +0000 (GMT)
On Wed, 25 Sep 2002, Ka wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At Mittwoch, 25. September 2002 01:55 Rossen wrote:Fortunately phpinfo() is disabled in safe mode, which is a must for a "production server".Good idea. But this is not happening on apache mod_php4 or am I missing something? - ------------ output from phpinfo() ---------- PHP Version 4.0.6 ... Directive Local Value Master Value ... safe_mode On On - ---------------------------------------------
I've checked this with PHP4 too, and get the same behaviour. I presume phpinfo() can be disabled somewhere in the conf files for safe mode. Is it by default, one wonders.
Current thread:
- Information Disclosure with Invision Board installation (fwd) Gossi The Dog (Sep 24)
- Re: Information Disclosure with Invision Board installation (fwd) Rossen (Sep 24)
- Re: Information Disclosure with Invision Board installation (fwd) Ka (Sep 25)
- Re: Information Disclosure with Invision Board installation (fwd) Gossi The Dog (Sep 25)
- Re: Information Disclosure with Invision Board installation (fwd) Ka (Sep 25)
- Re: Information Disclosure with Invision Board installation (fwd) Gossi The Dog (Sep 25)
- <Possible follow-ups>
- Re: Information Disclosure with Invision Board installation (fwd) Schmehl, Paul L (Sep 25)
- Re: Information Disclosure with Invision Board installation (fwd) Rossen (Sep 24)