Portal Home > Knowledgebase > Articles Database > PhP can read /etc/passwd and other files in /etc/
PhP can read /etc/passwd and other files in /etc/
Posted by serjs, 11-05-2010, 10:33 AM |
How to disable read files from /etc and other dir's? I have apache2 + nginx and php as fcgi on my server.
I don't want give access to apache conf and other files.
|
Posted by KnownSRV, 11-05-2010, 12:17 PM |
Hey,
Take a look at open_basedir and safe mode. However, the attacker will be still able to read those files cia CGI.
|
Posted by krizag, 11-06-2010, 05:42 PM |
check for disable functions in php too, disable functions like exec...
|
Add to Favourites Print this Article
Also Read