Then why do 'include' and 'require' even take URIs? Can you think of any valid use which is not a security hole? So why not take it out, the apps which break are probably insecure in any case.

If that ability is really needed, then why not add 'remote_include' and 'remote_require'. That way the programmer can express that he really means it. Also why does the PHP help page on include (http://de3.php.net/manual/en/function.include.php) not contain a warning about the very popular include($_GET['path']); with a very clear text about why it is unsecure and how to do it properly.

To continue on your example: if a gun regularily harms its user, will the manufacturer not make sure it doesn't happen again?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/427/34257#34257