Am 08.10.2012 20:12, schrieb Joe Zeff: > On 10/08/2012 11:08 AM, Tom Horsley wrote: >> Anyone have any clue what is causing this to happen? >> I can't imagine this is something that would be desirable >> behavior :-). > > What are the permissions on the file? apache/php is not interesed at all in execute-flags this is widely known and caused by the "MultiViews" option and can also lead to execute PHP if images contain code and saved with .php.gif you can simply add php-code at the end of a image without break image display - this is a know exploit vector for uploaded images Options -MultiViews
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org