[Phpmyadmin-devel] sessions/cookies vs. javascript
Sebastian Mendel
lists at sebastianmendel.de
Tue Sep 27 06:15:12 CEST 2005
Garvin Hicking wrote:
> Hi!
>
>>> <?php
>>> $d = opendir('/tmp');
>>> while (($file = readdir($d)) !== false) { echo $file . "\n"; }
>> uuh, bad, this is really a misconfiguration! the web (apache and/or php) user
>> should not have read access an this directory! only on the files created by
>> themselves in there!
>
> You are right, I messed this up myself by making /tmp world-writable. Sorry for
> the hassle. :)
world writable is _not_ wrong,
world readable is wrong! ;-)
--
Sebastian Mendel
www.sebastianmendel.de
www.sf.net/projects/phpdatetime | www.sf.net/projects/phptimesheet
More information about the Developers
mailing list