Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Functions that are safe to disable in php.ini

Discussion in 'General Discussion' started by casey, Apr 22, 2004.

  1. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    191
    I have the following disabled in php.ini:
    exec, passthru, system, popen, virtual, show_source, readfile, pclose

    I had shell_exec disabled, too, but fantastico had problems with that. Does anyone have a complete list of what is safe to disable, i.e. functions that exist but the customer should never ever be using? If not, why don't we start with this one and build on it?

    P.S. This is of course for non-php_suexec environments. I believe that the customer can freely change php.ini in a php_suexec environment...correct?
     
  2. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. hostcp3

    hostcp3 Well-Known Member

    Joined:
    Jun 18, 2002
    Messages:
    156
    Likes Received:
    0
    Trophy Points:
    166
    Hi Casey

    If you disable all those it may cause issues with Image_magick and other programs clients may need access to

    here is what we are running/testing and for one client at least image_magick would not work

    dl,exec,passthru,proc_open,proc_close,shell_exec,system,popen
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice