Oh, shoot, this needs to go into plug-security.

Sorry, go look there for the detailed info...

rc
> 
>                          Security Advisory DW020203-PHP
>                            Release: 3rd February 2002
> 
>                  PHP Safe Mode Filesystem Circumvention Problem
> 
>  Severity:   Medium to high.
>  Affects:    PHP, all versions which include safe_mode feature.
>  Platform:   UNIX, Microsoft Windows, any platforms on which PHP is
> available.