PHP :: Doc Bug #5028 :: incorrect security config url

Doc Bug #5028	incorrect security config url
Submitted:	2000-06-14 12:31 UTC	Modified:	2000-06-14 13:56 UTC
From:	pgl at instinct dot org	Assigned:
Status:	Closed	Package:	Documentation problem
PHP Version:	4.0.0 Release	OS:	FreeBSD
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	pgl at instinct dot org
New email:
PHP Version:		OS:

New Comment:

[2000-06-14 12:31 UTC] pgl at instinct dot org

after a make install on php4, I got the following message:

+--------------------------------------------------------------------+
| Warning:                                                           |
| You will be compiling the CGI version of PHP without any           |
| redirection checking.  By putting this cgi binary somewhere in     |
| your web space, users may be able to circumvent existing .htaccess |
| security by loading files directly through the parser.  See        |
| http://www.php.net/manual/config-security.php3 for more details.   |
+--------------------------------------------------------------------+


(I hope that paste isn't as screwed up on your screen)

www.php.net/manual/config-security.php(3?) doesn't exist, and you also get a 404 error trying to find the ErrorDocument.

cheers,

Peter.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-06-14 13:21 UTC] eschmid at cvs dot php dot net

That's not a bug, it is a feature.

[2000-06-14 13:25 UTC] pgl at instinct dot org

htf is that a feature? you mean by saying "you've got a security problem, go
to this page to see why" and that page doesn't exist, that's a feature? can't
someone just change the url in the config script?

or am I just the victim of my own gullibility (again)?

[2000-06-14 13:56 UTC] eschmid at cvs dot php dot net

It's now corrected in CVS.  Read http://www.php.net/manual/security.php.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2026 The PHP Group All rights reserved.	Last updated: Mon Jun 15 00:00:02 2026 UTC