[wp-trac] Re: [WordPress Trac] #6465: tempnam() has been disabled
for security reason
WordPress Trac
wp-trac at lists.automattic.com
Fri Apr 25 13:44:39 GMT 2008
#6465: tempnam() has been disabled for security reason
----------------------------+-----------------------------------------------
Reporter: DD32 | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.5.1
Component: Administration | Version: 2.5
Severity: normal | Resolution:
Keywords: has-patch |
----------------------------+-----------------------------------------------
Changes (by DD32):
* keywords: needs-patch => has-patch
Comment:
> attachment 6465.diff added.
* Introduces {{{wp_tempnam()}}} to find a filename which is useable,
based off a provided filename/url & optionally a path (Note: The args are
not the same as PHP's tempnam, as the arguement order makes more sense in
this fasion for !WordPress's use)
* Adds checks for {{{getmyuid()}}} and {{{fileowner()}}} before
attempting to use them
* And adds a filter to the filesystem method.
--
Ticket URL: <http://trac.wordpress.org/ticket/6465#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list