The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is it a threat to allow custom php.ini (in suPHP)?

Discussion in 'Security' started by prashant_ohol, Sep 2, 2010.

  1. prashant_ohol

    prashant_ohol Active Member

    Joined:
    Nov 22, 2004
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    Could a user having a php.ini file in there directory be a potential threat?

    :confused:
     
  2. madaboutlinux

    madaboutlinux Well-Known Member

    Joined:
    Jan 24, 2005
    Messages:
    1,052
    Likes Received:
    2
    Trophy Points:
    38
    Location:
    Earth
    Yes, it can be a threat as a user can manipulate php values as per their wish and hackers can then use such accounts to create problems on servers. But honestly, non of the Shared hosting companies deny clients from using their own php.ini file (ofcourse under the SuPHP environment) since their are large number of accounts on the server and it becomes difficult to manage php.ini for individual accounts separately.
     
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Friendly Moderator Note

    The thread title has been revised to more closely reflect the specific topic posed by the opening question; additionally, to increase relevant attention this thread has also been moved into the forums area dedicated to security discussions: cPanel and WHM Security - cPanel Forums
     
    #3 cPanelDon, Sep 3, 2010
    Last edited by a moderator: Sep 3, 2010
  4. prashant_ohol

    prashant_ohol Active Member

    Joined:
    Nov 22, 2004
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    anyone has to say on this....


    I am still confused on this...:confused:
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
Loading...

Share This Page