摘要: PHP 5.1.5 在8.17号发布了,修补了几个绕过open_basedir的漏洞,我们一个个来看:
Quote form http://www.php.net/release_5_1_5.php
--------------------------------------------------------------------------------
Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions.
Fixed possible open_basedir/safe_mode bypass in cURL extension and with realpath cache.
-----------------------------------------------------------------------------
阅读全文