looking for the php.ini, I can see that the 'upload_tmp_dir => no value => no value' is not set, so it can be imagined to set a 'session.save_path' and a 'upload_tmp_dir' per ibay. Like this a Web application won't share some temporary folders with another...the risk of been hijacked by a corrupted application will be less important.
↧