[Bug 356646] Re: php safe mod bypass
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri Apr 10 18:20:33 BST 2009
The second issue send this to the server:
$mLimit='512M';ini_set('memory_limit',$mLimit);if(!$mLimit =
ini_get('memory_limit'))$mLimit = '2M';$mLimitInKb = substr($mLimit,
1)*1024*0.8;for($i=0;$i<$mLimitInKb;$i++)$m.=str_repeat('m',1024);sleep(99999999);
I don't see how this is a security issue. It is not a bug that
max_execution_time doesn't count sleep.
** Changed in: php5 (Ubuntu)
Status: Confirmed => Invalid
--
php safe mod bypass
https://bugs.launchpad.net/bugs/356646
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list