While we're at it, isn't it a good idea to shut down allow_url_fopen as well? Are there any major add-ons that need it?
And would I be better off with 1) Php open_basedir Protection ENABLED and 2) Do php code directories NOT having write permissions from web-server processes?
(Crash--if you read what you wrote, you said you uninstalled 1.0 and then "reinstalled." You didn't say what you reinstalled, and it is not correct to say you "reinstalled" a security upgrade because it had never been installed before. Logically I asummed you reinstalled 1.0 for some bizarre reason. Precise English is helpful!)
Post edited by: dpk, at: 2006/08/12 20:41
Post edited by: dpk, at: 2006/08/12 20:47