Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Is it a threat to allow custom php.ini (in suPHP)?

Discussion in 'Security' started by prashant_ohol, Sep 2, 2010.

  1. prashant_ohol

    prashant_ohol Active Member

    Joined:
    Nov 22, 2004
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    156
    Could a user having a php.ini file in there directory be a potential threat?

    :confused:
     
  2. madaboutlinux

    madaboutlinux Well-Known Member

    Joined:
    Jan 24, 2005
    Messages:
    1,051
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    Earth
    Yes, it can be a threat as a user can manipulate php values as per their wish and hackers can then use such accounts to create problems on servers. But honestly, non of the Shared hosting companies deny clients from using their own php.ini file (ofcourse under the SuPHP environment) since their are large number of accounts on the server and it becomes difficult to manage php.ini for individual accounts separately.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Friendly Moderator Note

    The thread title has been revised to more closely reflect the specific topic posed by the opening question; additionally, to increase relevant attention this thread has also been moved into the forums area dedicated to security discussions: cPanel and WHM Security - cPanel Forums
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 cPanelDon, Sep 3, 2010
    Last edited by a moderator: Sep 3, 2010
  4. prashant_ohol

    prashant_ohol Active Member

    Joined:
    Nov 22, 2004
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    156
    anyone has to say on this....


    I am still confused on this...:confused:
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,468
    Likes Received:
    420
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice