Nothing new. Already found: http://securityreason.com/achievement_securityalert/36/ And this will not bypass safe_mode but open_basedir ...