[pmwiki-users] pmwiki exploit
V.Krishn
webmaster at insteps.net
Wed Sep 6 07:08:09 CDT 2006
On Wednesday 06 September 2006 14:47, Thomas -Balu- Walter wrote:
> On Wed, Sep 06, 2006 at 01:26:39PM +0530, V.Krishn wrote:
> > > php_flag register_globals off
> >
> > Thanks for the warnings.
> > Its amazing how my webspace provider had left this variable on. If I am
> > not mistaken this variable got to be off by default in PHP 4.2 and above.
>
> There are still a lot of applications that need to have this on. So most
> providers enable it...
I guess so, but I think the best way would be each application has its
required settings in their own .htaccess at its root folder. I might be
mistaken, or is it that the server is still at risk if only one application
is secured?
V.Krishn
>
> Balu
>
> _______________________________________________
> pmwiki-users mailing list
> pmwiki-users at pmichaud.com
> http://www.pmichaud.com/mailman/listinfo/pmwiki-users
More information about the pmwiki-users
mailing list