[lug] php file upload vulnerability
Hugh Brown
hugh at vecna.com
Wed Jul 3 19:15:33 MDT 2002
I was looking at installing some web applications that rely on php
(horde/imp, gallery). I remember seeing that there was a problem with
file upload and that a workaround was to turn the ability to do file
uploads off in php.ini.
I want to install via rpm if possible because of its ease of upgrade.
Are the rpms for redhat just a patch that turns off file upload are is
the problem fixed. I will need to turn on the file upload so that I can
let people upload photos for gallery (I'm not sure what horde/imp's
needs are in that regard).
Hugh
More information about the LUG
mailing list