Details

    • Type: Vulnerability Detection
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Message:
      * Explicitly set "enable_dl" to false.
      * Update this "enable_dl" configuration to turn it off.
    • Default Severity:
      Blocker
    • Impact:
      High
    • Likelihood:
      High
    • Covered Languages:
      PHP
    • Remediation Function:
      Constant/Issue
    • Constant Cost:
      5min
    • CWE:
      CWE-23, CWE-36
    • OWASP:
      A6

      Description

      enable_dl is on by default. It lets scripts load PHP extensions at runtime with dl(), which allows open_basedir restrictions, which limit the files a script can access, to be ignored. For that reason, it's a dangerous option and should be explicitly turned off.

      This rule raises an issue when enable_dl is not explicitly set to 0 in php.ini.

      Noncompliant Code Example

      ; php.ini
      enable_dl=1  ; Noncompliant
      

      Compliant Solution

      ; php.ini
      enable_dl=0
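
An added example, not part of the original rule and not the analyzer's own code: a small Python check that applies the rule above to the text of a php.ini. It assumes the last enable_dl assignment in the file is the effective one and pairs the two messages listed above with the "missing" and "enabled" cases; the function names and sample inputs are constructed for illustration.

```python
import re

# Spellings PHP's ini parser reads as boolean false. Anything else is
# reported, which is deliberately stricter than PHP's own parsing.
OFF_VALUES = {"0", "off", "false", "no", "none", ""}
# Directive names in php.ini are case sensitive; ';'-commented lines never match.
ASSIGNMENT = re.compile(r"^\s*enable_dl\s*=\s*(.*)$")

MSG_MISSING = 'Explicitly set "enable_dl" to false.'
MSG_ENABLED = 'Update this "enable_dl" configuration to turn it off.'


def strip_comment(value):
    """Drop a trailing ';' comment unless the ';' sits inside double quotes."""
    in_quotes = False
    for i, ch in enumerate(value):
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == ";" and not in_quotes:
            return value[:i]
    return value


def check_enable_dl(ini_text):
    """Return [(line_number_or_None, message)] findings for one php.ini text."""
    last = None  # assumption: the last assignment in the file wins
    for number, line in enumerate(ini_text.splitlines(), start=1):
        match = ASSIGNMENT.match(line)
        if match:
            value = strip_comment(match.group(1)).strip().strip("\"'").lower()
            last = (number, value)
    if last is None:
        return [(None, MSG_MISSING)]  # default is on, so absence is an issue
    if last[1] not in OFF_VALUES:
        return [(last[0], MSG_ENABLED)]
    return []


# Constructed sample inputs (the first two mirror the snippets above).
SAMPLES = {
    "noncompliant": "; php.ini\nenable_dl=1  ; Noncompliant\n",
    "compliant": "; php.ini\nenable_dl=0\n",
    "missing": "; php.ini\n;enable_dl=0\nopen_basedir=/var/www\n",
    "overridden": 'enable_dl = "Off"\nenable_dl = On ; later line\n',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, check_enable_dl(text))
```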
      

              People

              • Assignee:
                Unassigned
                Reporter:
                ann.campbell.2 Ann Campbell