yamaharr1

Well-Known Member
Jun 22, 2007
94
2
58
I've been doing lots of reading but haven't found anything up to date, is ziparchive secure?

The last thing I've found was in 2012 and showed it to be a security risk, is this still the case or has it all been sorted?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
Hello :)

Could you clarify the specific application you are referring to, and what method you are using to install it? For instance, is this the ZipArchive PHP class?

Thank you.
 

yamaharr1

Well-Known Member
Jun 22, 2007
94
2
58
Hello

Yes the PHP ZipArchive,

I haven't looked into the install method if it is available as a module then that way otherwise whichever is available.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
You can select "Zip" as a PHP module under the "Exhaustive Options List" for PHP. I am not aware of any specific security concerns regarding this module, but feel free to reference a specific security report and we can investigate that for you.

Thank you.
 

yamaharr1

Well-Known Member
Jun 22, 2007
94
2
58
There was a security risk with relative paths in 2009 that was supposedly fixed but it seemed to pop back up in 2012 I can't find any information in regards to it being secure or insecure now.

I will have to guess that if it was insecure there would be more information out in posts, if you do come across anything that would be great, thank you.