[TYPO3-core] EM2 problems.
Martin Kutschker
Martin.Kutschker at n0spam-blackbox.net
Mon May 22 18:39:38 CEST 2006
rupert germann wrote:
> On Wednesday 10 May 2006 08:14, Dmitry Dulepov wrote:
>
>>Minor note, neither old code, nor patch uses is_uploaded_file(). It
>>should be used for security reasons. This function is available in PHP 3
>> >= 3.0.17, PHP 4 >= 4.0.3, PHP 5.
>
> please help me, how could this used for an attack?
It makes sure the file is not one of the system's own files (e.g.
/etc/passwd). In theory a malicious TYPO3 user could trick TYPO3 into
reading another file instead of the uploaded one. Though I don't see how
this may benefit you in this case. The ext.mgm. will not make much of
/etc/passwd, but the user will not be able to read it. But better one small
check too many than one missing.
Masi
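How the check Dmitry asks for fits into an upload handler, shown as an added PHP example that is not code from this thread or from TYPO3's extension manager; the form field name, the target directory and the .t3x filename pattern are assumptions made for the example:

```php
<?php
// Added example (not from the thread or TYPO3): an extension-upload handler
// before and after the is_uploaded_file() check discussed above.
// Field name 'extfile', target directory and the .t3x pattern are assumed.

declare(strict_types=1);

const UPLOAD_TARGET_DIR = '/var/www/typo3temp/ext_uploads'; // assumed path

/**
 * Unchecked variant: trusts tmp_name from the request array. If tmp_name
 * can ever be influenced by the client, the script reads whatever path it
 * is given, e.g. /etc/passwd, instead of the file that was actually posted.
 */
function readUploadUnchecked(array $files, string $field): string
{
    return file_get_contents($files[$field]['tmp_name']);
}

/**
 * Hardened variant: confirms the upload succeeded and that tmp_name really
 * names a file PHP itself received via HTTP POST in this request, then moves
 * it out of the temp directory under a sanitized name.
 */
function storeUploadChecked(array $files, string $field): string
{
    if (!isset($files[$field]) || $files[$field]['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('No file uploaded or upload failed');
    }
    $tmp = $files[$field]['tmp_name'];
    // The central check: true only for files PHP created for this POST.
    if (!is_uploaded_file($tmp)) {
        throw new RuntimeException('tmp_name does not refer to an uploaded file');
    }
    // Never use the client-supplied name as a path; keep only its basename and
    // restrict it to the archive naming the handler expects (assumed: .t3x).
    $name = basename($files[$field]['name']);
    if (!preg_match('/^[A-Za-z0-9_.-]+\.t3x$/', $name)) {
        throw new RuntimeException('Unexpected file name');
    }
    $dest = UPLOAD_TARGET_DIR . '/' . $name;
    // move_uploaded_file() repeats the is_uploaded_file() check internally,
    // so the file never stays behind in the shared temp directory.
    if (!move_uploaded_file($tmp, $dest)) {
        throw new RuntimeException('Could not move uploaded file');
    }
    return $dest;
}

// Typical call from the request handler (uncomment in a real script):
// $path = storeUploadChecked($_FILES, 'extfile');
```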