« General considerations
Possible attacks »
PHP Manual
Security
Installed as CGI binary
Installed as CGI binary
Table of Contents
Possible attacks
Case 1: only public files served
Case 2: using cgi.force_redirect
Case 3: setting doc_root or user_dir
Case 4: PHP parser outside of web tree