Date: Thu, 25 Jul 2002 06:10:08 -0700 (PDT) From: Chris Shenton <chris@shenton.org> To: freebsd-ports@FreeBSD.org Subject: Re: ports/40979: mod_php security fix breaks PHP 4.2.2: variables not passed Message-ID: <200207251310.g6PDA8EO058362@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/40979; it has been noted by GNATS. From: Chris Shenton <chris@shenton.org> To: Alexandr Kovalenko <never@nevermind.kiev.ua> Cc: FreeBSD-gnats-submit@FreeBSD.ORG Subject: Re: ports/40979: mod_php security fix breaks PHP 4.2.2: variables not passed Date: 25 Jul 2002 09:07:00 -0400 Alexandr Kovalenko <never@nevermind.kiev.ua> writes: > Pilot error! (c) > > Check your /usr/local/etc/php.ini file. > There should be at least: > register_globals = On > register_argc_argv = On Doh! Yes, changing register_globals from default Off to On fixed this. I had a php.ini-dist and no php.ini, so it sounds like the defaults have changed between php versions. Does enabling this put me at risk from the recent security hole? Thanks for the fast response! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207251310.g6PDA8EO058362>