On Feb 11, 2008 11:58 AM, Per Jessen <per@xxxxxxxxxxxx> wrote:> Eric Butera wrote:>> > You should never use exec & friends when there is another way around> > the problem. It is a security concern.>> Why is it a security concern to execute another bit of code?>> I really fail to see any security concern in doing e.g.>> exec('gzip -c /tmp/myinputfile')>>>> /Per Jessen, Zürich>> --> PHP General Mailing List (http://www.php.net/)> To unsubscribe, visit: http://www.php.net/unsub.php>>
In the real world would that be your exact usage? Would the file tobe compressed be a variable by chance?
