Re: RFC: source files without opening tag

From: Date: Tue, 10 Apr 2012 03:05:00 +0000
Subject: Re: RFC: source files without opening tag
References: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16  Groups: php.internals 
Request: Send a blank email to [email protected] to get a copy of this message 
Hi!

> LFI risk is unique to PHP. The cause of risk is mandatory embedded script.

No it's not. If you write Python code that loads code from random file
and evaluates it, it will be "vulnerability in Python". If you write in
in Bash, it would be "vulnerability in bash". If you write it in C, it
will be "vulnerability in C". I don't see anything unique to PHP here.
-- 
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227

Thread (109 messages)

« previous php.internals (#59607) next »