[Phpmyadmin-devel] sessions/cookies vs. javascript
Marc Delisle
Marc.Delisle at cegepsherbrooke.qc.ca
Tue Sep 27 06:27:01 CEST 2005
Sebastian Mendel a écrit :
> Garvin Hicking wrote:
>
>> Hi!
>>
>>>> <?php
>>>> $d = opendir('/tmp');
>>>> while (($file = readdir($d)) !== false) { echo $file . "\n"; }
>>>
>>> uuh, bad, this is really a misconfiguration! the web (apache and/or
>>> php) user
>>> should not have read access an this directory! only on the files
>>> created by
>>> themselves in there!
>>
>>
>> You are right, I messed this up myself by making /tmp world-writable.
>> Sorry for
>> the hassle. :)
>
>
> world writable is _not_ wrong,
> world readable is wrong! ;-)
>
>
/tmp has always been world readable and writable!
Marc
More information about the Developers
mailing list