|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2004-12-27 01:22 UTC] derick@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Apr 18 10:01:28 2024 UTC |
Description: ------------ It is possible to access a file which is outside directory specified in open_basedir directive. This bug is really easy to reproduce - just set some open_basedir and try to read the contents of, for example, /etc/passwd I didn't find this bug, I read about it on security-related web-site, checked it, and it worked :( Reproduce code: --------------- <?php $var1 = curl_init("file:///etc/passwd"); $anyfile=curl_exec($var1); echo $anyfile ?> Expected result: ---------------- I would expect an error in the log saying about open_basedir restriction and access to the file being denied. Actual result: -------------- you'll get the contents of /etc/passwd