27 Sep
2005
27 Sep
'05
8:05 a.m.
Hi!
<?php $d = opendir('/tmp'); while (($file = readdir($d)) !== false) { echo $file . "\n"; }
uuh, bad, this is really a misconfiguration! the web (apache and/or php) user should not have read access an this directory! only on the files created by themselves in there!
You are right, I messed this up myself by making /tmp world-writable. Sorry for the hassle. :)
Regards, Garvin
--
++ Garvin Hicking | Web-Entwickler [PHP] | www.garv.in | ICQ 21392242
++ Developer of | www.phpMyAdmin.net | www.s9y.org
++ Make me happy | http://wishes.garv.in