LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Question about php.ini file. (https://www.linuxquestions.org/questions/linux-software-2/question-about-php-ini-file-214589/)

jon_k 08-07-2004 05:52 AM
Question about php.ini file.
 
I have disabled sensitive commands using the following line in php.ini

disable_functions = sytem, exec, shell_exec, passthru, popen, proc_open, proc_close

That way people can't do sensitive commands. However, it appears it works anyways...

<?php
echo getcwd();
system("cp -f /path/to/sensitive/info/file.txt /home/perpetrator/file.txt");
?>

Yes, I know I could chmod 700 the info that is sensitive, but for reasons we don't need to go into it just won't work like that.

---

Am I making a syntax error in disable_functions that's making php ignore that line when php.ini is parsed on apache's startup?

(Yes, for the record I have restarted Apache using apachectl restart ;- )


All times are GMT -5. The time now is 04:10 AM.