There was a posting on http://us3.php.net/dl dated July 18th regarding the dl exploit problem. Following the advice in the posting, my shared hosting service disabled dl on our hosting server. I can't load my custom PHP extension anymore. I am wondering if anyone knows about any active development effort to fix this problem. Please let me know. Thank you very much. P.S. Text of the posting on PHP documentation page for dl: WARNING: enable_dl/dl() ********************* There is an exploit circulating currently which takes advantage of dl() to inject code into Apache which causes all requests to all virtual hosts to be redirected to a page of the attackers choice. All operators of shared web hosting servers with Apache and PHP should disable dl() by setting enable_dl to off otherwise your servers are vulnerable to this exploit. This exploit is generally known as flame.so (the object that is loaded into Apache) and flame.php (the php script that loads it). -- Anas Mughal
