source: https://www.securityfocus.com/bid/22261/info PHP is prone to a 'safe_mode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations; other attacks may also be possible. This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, all assuming that the 'safe_mode' restriction will isolate users from each other. This issue is reported to affect PHP version 5.2.0; other versions may also be vulnerable. php -r 'fopen("srpath://../../../../../../../dir/pliczek", "a");'