Bug #1574

After finding a pathinfo part in the path, the new path is not checked for symlinks

Added by stbuehler over 6 years ago. Updated over 6 years ago.

Status:FixedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:core
Target version:1.5.0
Missing in 1.5.x:

Description


server.follow-symlink = "disable" 
# + some fastcgi config for .php

Now create some test.php (e.g. phpinfo() ) and symlink it to symlink.php

Now:
- /symlink.php : 403 Forbidden
- /symlink.php/ : Output of test.php

History

#1 Updated by stbuehler over 6 years ago

  • Status changed from New to Fixed
  • Resolution set to fixed

Fixed in r2093

Also available in: Atom