LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 08-07-2004, 05:52 AM   #1
jon_k
Member
 
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547

Rep: Reputation: 30
Question about php.ini file.


I have disabled sensitive commands using the following line in php.ini

disable_functions = sytem, exec, shell_exec, passthru, popen, proc_open, proc_close

That way people can't do sensitive commands. However, it appears it works anyways...

<?php
echo getcwd();
system("cp -f /path/to/sensitive/info/file.txt /home/perpetrator/file.txt");
?>

Yes, I know I could chmod 700 the info that is sensitive, but for reasons we don't need to go into it just won't work like that.

---

Am I making a syntax error in disable_functions that's making php ignore that line when php.ini is parsed on apache's startup?

(Yes, for the record I have restarted Apache using apachectl restart ;- )
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
editing a php.ini file ilustrate Linux - General 4 07-13-2005 12:16 PM
php5 configure with different php.ini file dtra Linux - Software 2 01-19-2005 08:04 PM
PHP.ini Troubles on conf file Gerardoj Linux - General 3 03-24-2004 08:03 PM
php.ini and file uploads gblue Linux - Newbie 0 02-29-2004 05:28 PM
editing PHP.INI file question hct224 Linux - Newbie 1 10-31-2003 10:05 AM


All times are GMT -5. The time now is 01:04 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration