Disabling PHP Functions with SUHOSIN on suPHP

[zontrakulla]

Hello,

I've installed SUHOSIN and made necessary changes. Now, i want to allow a user to be able to use some php commands, like shell_exec(). I've created /usr/local/apache/conf/userdata/std/2/usernamehere/userdomainhere/custom.conf

and put

php_admin_value suhosin.executor.func.blacklist ''

When i check /scripts/ensure vhost_includes --user=usernamehere i get this error

Invalid command 'php_admin_value', perhaps misspelled or defined by a module not                 included in the server configuration

Since I'm on suPHP, i can't use php_admin_value . Then how can i put suhosin.executor.func.blacklist value to conf file?

Thank you.

 

[zontrakulla]

Alright, i managed to do that.

Added

[PATH=/home/username/public_html]
suhosin.executor.func.blacklist=""

to my php.ini file.



edit:

or a better idea. Keep other functions in blacklist and enable only shell_exec()

suhosin.executor.func.blacklist="exec,passthru,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source"

 

[cPanelMichael]

Hello

I am happy to hear you were able to find a resolution for your issue. While not directly related to your specific issue, the following forum thread may also be useful if you are attempting to make suPHP more secure:

Methods to increase security when using suPHP

Thank you.

 

[Dr Ahmed]

Alright, i managed to do that.

Added

[PATH=/home/username/public_html]
suhosin.executor.func.blacklist=""

to my php.ini file.



edit:

or a better idea. Keep other functions in blacklist and enable only shell_exec()

suhosin.executor.func.blacklist="exec,passthru,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source"

This solution is valid only in case of using PHP 5.3.x or above

also php_admin_value is used only in case of your php handler is DSO not suPHP

Greatings,