I do not think this is specifically a weakness of cPanel but rather a weakness of php itself, but I did want to see if anyone had any feedback... If a user sets a php.ini in their web root, it removes all of the function disables in the primary php.ini file. I have a user who added a php.ini with the following contents only. error_reporting = E_ALL & ~E_WARNING & ~E_NOTICE This allowed him to bypass the restrictions I have set in the master php.ini (I have disabled among other functions ini_set and phpinfo). I am not sure f there is a way to set things up so that users cannot over ride the master php.ini file but I find this to be an amazingly glaring weakness.