[18641] in bugtraq
Re: PHP Security Advisory - Apache Module bugs
daemon@ATHENA.MIT.EDU (Javi Polo)
Tue Jan 16 13:56:09 2001
Mail-Followup-To: Javi Polo <javipolo@oninet.es>, Zeev Suraski <zeev@ZEND.COM>,
BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20010116102725.L5104@gibson.oninet.es>
Date: Tue, 16 Jan 2001 10:27:25 +0100
Reply-To: Javi Polo <javipolo@ONINET.ES>
From: Javi Polo <javipolo@ONINET.ES>
X-To: Zeev Suraski <zeev@ZEND.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <5.0.2.1.2.20010112204410.021d1ff8@mail.zend.com>; from
zeev@ZEND.COM on Fri, Jan 12, 2001 at 09:14:10PM +0200
On 12/Jan/2001, Zeev Suraski wrote:
> [2] PHP supports the ability to be installed, and yet disabled, by setting
> the configuration option 'engine = off'. Due to a bug in the Apache module
> version of PHP, if one or more virtual hosts within a single Apache server
> were configured with engine=off, this value could 'propagate' to other
> virtual hosts. Because setting this option to 'off' disables execution of
I've been using for some months this settings (php default off, and then
enabling it in the virtualdomains that I want) and I've had no problem at
all ...
Are there any more known circumstances when it happens ??
--
Javi Polo - javipolo@ivworlds.org - navo - DrSlump
Proud member of the Panda Gey Community (powered by linux)
http://javipolo.ivworlds.org/
