Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:26348
Return-Path: <penguin@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 10435 invoked by uid 1010); 5 Nov 2006 16:42:01 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 10420 invoked from network); 5 Nov 2006 16:42:01 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 5 Nov 2006 16:42:01 -0000
Authentication-Results: pb1.pair.com smtp.mail=penguin@php.net; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=penguin@php.net; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain php.net from 85.235.23.12 cause and error)
X-PHP-List-Original-Sender: penguin@php.net
X-Host-Fingerprint: 85.235.23.12 kbhn-vbrg-sr0-vl207-012.perspektivbredband.net Linux 2.4/2.6
Received: from [85.235.23.12] ([85.235.23.12:45577] helo=mail.ter.dk)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 2B/44-10980-9541E454 for <internals@lists.php.net>; Sun, 05 Nov 2006 11:42:01 -0500
Received: from workpenguin (workpenguin [192.168.1.32])
	by mail.ter.dk (Kaffemaskine) with SMTP id D39DC8A400E;
	Sun,  5 Nov 2006 17:41:58 +0100 (CET)
To: ilia@prohost.org (Ilia Alshanetsky)
Cc: internals@lists.php.net, Wez Furlong <kingwez@gmail.com>,
	"Rasmus Lerdorf" <rasmus@lerdorf.com>
Date: Sun, 05 Nov 2006 17:41:39 +0100
Message-ID: <ps4sk2lcrq4eqmcm3o23bh3q1piko4qsl4@4ax.com>
References: <454C5E50.4030108@zend.com> <454CFAA1.10104@lerdorf.com> <aqvpk2df25h8lc2s6326i8igoh20uj6q1v@4ax.com> <1EA6BEDC-ED17-4FE7-BDB1-B5E5C4FC4BFB@prohost.org> <4e89b4260611050813x42dc16fq74fc6ee240a0038d@mail.gmail.com> <2D1DBDC4-F023-43D1-8A9E-BAB953504BCB@prohost.org>
In-Reply-To: <2D1DBDC4-F023-43D1-8A9E-BAB953504BCB@prohost.org>
X-Mailer: Forte Agent 1.91/32.564
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] allow_url_include and php:/data:
From: penguin@php.net (Peter Brodersen)

Hi,

On Sun, 5 Nov 2006 11:23:03 -0500, in php.internals ilia@prohost.org
(Ilia Alshanetsky) wrote:

>> I think it's a fair assumption that a random host specified in that
>> way be treated as suspicious and lumped in under the
>> disable-includes-by-default category.
>
>What's random? Non localhost/127.0.0.1 ?

Actually any smb server that is requested thorugh PHP's means of
fetching a resource (\\smbserver\...) instead of a device mount in the
operating system (e.g. Z:\ ...).

--=20
- Peter Brodersen