FAO Dmitry - proc_open() update

Not sure if this mailing list is the best place to ask you a question
Dmitry?

I noticed in the latest version of PHP 5 (5.2.1) you have fixed an issue
that has been causing us real problems:

"Improved proc_open(). Now on Windows it can run external commands not
through CMD.EXE. (Dmitry)"

We have not been able to run certain executables we have wanted to on
our windows web servers because of the issue of opening a security hole
by altering permissions on cmd.exe, and it looks like you have fixed the
problem.

Unfortunately we use PHP 4, and I was sad to see in the latest version
of PHP 4 (4.4.5), released 6 days after the above the fix has not been
applied.

Can you tell me if this fix is ever going to happen for PHP 4?

Thanks.


************************************************************ ***************=
*******
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
************************************************************ ***************=
*******

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: FAO Dmitry - proc_open() update

Hi David,

I didn't have plans to backport this patch to PHP-4.

Dmitry.

> -----Original Message-----
> From: David Felton [mailto:davidfelton@codemasters.com]
> Sent: Thursday, February 22, 2007 2:29 PM
> To: php-windows@lists.php.net; dmitry@php.net
> Subject: FAO Dmitry - proc_open() update
>
>
>
> Not sure if this mailing list is the best place to ask you a
> question Dmitry?
>
> I noticed in the latest version of PHP 5 (5.2.1) you have
> fixed an issue that has been causing us real problems:
>
> "Improved proc_open(). Now on Windows it can run external
> commands not through CMD.EXE. (Dmitry)"
>
> We have not been able to run certain executables we have
> wanted to on our windows web servers because of the issue of
> opening a security hole by altering permissions on cmd.exe,
> and it looks like you have fixed the problem.
>
> Unfortunately we use PHP 4, and I was sad to see in the
> latest version of PHP 4 (4.4.5), released 6 days after the
> above the fix has not been applied.
>
> Can you tell me if this fix is ever going to happen for PHP 4?
>
> Thanks.
>
>
> ************************************************************ **
> ********************
> This email and any files transmitted with it are confidential
> and intended solely for the use of the individual or entity
> to whom they are addressed. If you have received this email
> in error please notify the system manager.
>
> This footnote also confirms that this email message has been
> swept by MIMEsweeper for the presence of computer viruses.
> ************************************************************ **
> ********************
>

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: FAO Dmitry - proc_open() update

I think because of the amount of PHP4 users out there this would be very
beneficial! Do you accept bribes? ;-)

PS I forgot to thank you for fixing this problem in the first place.
It's been around for ages - Thanks!

-----Original Message-----
From: Dmitry Stogov [mailto:dmitry@zend.com]=20
Sent: 22 February 2007 1:41
To: David Felton; php-windows@lists.php.net
Subject: RE: FAO Dmitry - proc_open() update

Hi David,

I didn't have plans to backport this patch to PHP-4.

Dmitry.

> -----Original Message-----
> From: David Felton [mailto:davidfelton@codemasters.com]=20
> Sent: Thursday, February 22, 2007 2:29 PM
> To: php-windows@lists.php.net; dmitry@php.net
> Subject: FAO Dmitry - proc_open() update
>=20
>=20
>=20
> Not sure if this mailing list is the best place to ask you a=20
> question Dmitry?
>=20
> I noticed in the latest version of PHP 5 (5.2.1) you have=20
> fixed an issue that has been causing us real problems:
>=20
> "Improved proc_open(). Now on Windows it can run external=20
> commands not through CMD.EXE. (Dmitry)"
>=20
> We have not been able to run certain executables we have=20
> wanted to on our windows web servers because of the issue of=20
> opening a security hole by altering permissions on cmd.exe,=20
> and it looks like you have fixed the problem.
>=20
> Unfortunately we use PHP 4, and I was sad to see in the=20
> latest version of PHP 4 (4.4.5), released 6 days after the=20
> above the fix has not been applied.
>=20
> Can you tell me if this fix is ever going to happen for PHP 4?
>=20
> Thanks.
>=20
>=20
> ************************************************************ **
> ********************
> This email and any files transmitted with it are confidential=20
> and intended solely for the use of the individual or entity=20
> to whom they are addressed. If you have received this email=20
> in error please notify the system manager.
>=20
> This footnote also confirms that this email message has been=20
> swept by MIMEsweeper for the presence of computer viruses.
> ************************************************************ **
> ********************
>=20

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: FAO Dmitry - proc_open() update

PHP 4 is closed for new features. Please talk with Derick. He is the release
manager of PHP 4.

Dmitry.

> -----Original Message-----
> From: David Felton [mailto:davidfelton@codemasters.com]
> Sent: Thursday, February 22, 2007 4:52 PM
> To: Dmitry Stogov; php-windows@lists.php.net
> Subject: RE: FAO Dmitry - proc_open() update
>
>
> I think because of the amount of PHP4 users out there this
> would be very beneficial! Do you accept bribes? ;-)
>
> PS I forgot to thank you for fixing this problem in the first
> place. It's been around for ages - Thanks!
>
> -----Original Message-----
> From: Dmitry Stogov [mailto:dmitry@zend.com]
> Sent: 22 February 2007 1:41
> To: David Felton; php-windows@lists.php.net
> Subject: RE: FAO Dmitry - proc_open() update
>
> Hi David,
>
> I didn't have plans to backport this patch to PHP-4.
>
> Dmitry.
>
> > -----Original Message-----
> > From: David Felton [mailto:davidfelton@codemasters.com]
> > Sent: Thursday, February 22, 2007 2:29 PM
> > To: php-windows@lists.php.net; dmitry@php.net
> > Subject: FAO Dmitry - proc_open() update
> >
> >
> >
> > Not sure if this mailing list is the best place to ask you a
> > question Dmitry?
> >
> > I noticed in the latest version of PHP 5 (5.2.1) you have
> > fixed an issue that has been causing us real problems:
> >
> > "Improved proc_open(). Now on Windows it can run external
> > commands not through CMD.EXE. (Dmitry)"
> >
> > We have not been able to run certain executables we have
> > wanted to on our windows web servers because of the issue of
> > opening a security hole by altering permissions on cmd.exe,
> > and it looks like you have fixed the problem.
> >
> > Unfortunately we use PHP 4, and I was sad to see in the
> > latest version of PHP 4 (4.4.5), released 6 days after the
> > above the fix has not been applied.
> >
> > Can you tell me if this fix is ever going to happen for PHP 4?
> >
> > Thanks.
> >
> >
> > ************************************************************ **
> > ********************
> > This email and any files transmitted with it are confidential
> > and intended solely for the use of the individual or entity
> > to whom they are addressed. If you have received this email
> > in error please notify the system manager.
> >
> > This footnote also confirms that this email message has been
> > swept by MIMEsweeper for the presence of computer viruses.
> > ************************************************************ **
> > ********************
> >
>

--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php