$OpenBSD: patch-php_ini-dist,v 1.2 2001/10/04 21:53:04 avsm Exp $
URL fopen off by default - this is one of those things that people hardly
ever use, and can turn local exploits into remote ones.

--- php.ini-dist.orig	Fri Jun  1 03:20:49 2001
+++ php.ini-dist	Thu Oct  4 22:39:04 2001
@@ -349,7 +349,7 @@ upload_max_filesize = 2M
 ;;;;;;;;;;;;;;;;;;
 
 ; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
-allow_url_fopen = On
+allow_url_fopen = Off
 
 ; Define the anonymous ftp password (your email address)
 ;from="john@doe.com"
