security concerns: php reg global
hope someone can help:
after installing v1.6 RC4, i was prompted to set Register Globals to OFF if not used. Since setting to OFF usually requires some Server Admin intervention, my question is:
Q. i've seen some internet forum postings dtd 2005 which point out security vulnerabilities of v1.3 & earlier. Are all existing known security threats already addressed in v1.6 RC4 and that setting register globals to OFF is for additional assurance for threats not yet discovered?