Ten Security Checks for PHP
On Lamp talks about
ten security checks for PHP.
"File uploads can suffer from a severe case of the untrusted global
variables problem that is worth considering as an additional problem.
When a file is uploaded, a PHP script is given a variable that provides
the name of the temporary file where PHP saves the uploaded file.
However, the user could construct a URL that sets this variable to a
malicious value such as /etc/passwd and not upload a file."
(Submitted by Noel Fri Mar 21, 2003 )
Our content can be syndicated: Main page Mac Page
Copyright 1999-2005 Noel Davis. Noel also runs web sites about sailing and kayaking.
All trademarks are the property of their owners.
All articles are owned by their author