The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Re-enable php.ini exec for Gallery?

Discussion in 'General Discussion' started by jols, May 29, 2005.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    We have recently had to disable a few php.ini functions for security reasons, i.e. by including this in the server's php.ini:

    disable_functions = system, dl, exec

    But now we need to re-enable exec specifically for a Gallery installation for one of our hosted customers. I have tried placing the php.ini file with just the following line in several Gallery directories within this effected account, but having no luck at all:

    Tried the following variations (only one line in the "custom" php.ini file):

    disable_functions = none

    disable_functions = system

    disable_functions =

    In the main /gallery directory, in the albums directory, in the includes directory, in the platform directory, etc. etc. but so far nothing has worked. By the way, this is the error when trying to upload a photo via the admin page of Gallery:

    Resizing/compressing original image
    No resizing required
    Warning: exec() has been disabled for security reasons in /home/[userID]/public_html/gallery/platform/fs_unix.php on line 34

    I have also tried chowning the php.ini file to root, and to this customer's user ID, but again, nothing seems to work here.

    Anyone have any ideas about this?
     
  2. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    Jols:

    I'm pretty sure you cannot override this variable through a local directory php.ini (or .htacess file).

    I found the thread below which is very informative.

    http://www.webhostingtalk.com/showthread.php?threadid=195763

    You may be able to accompish this by editing the accounts VirtualHost directive in httpd.conf and adding:

    <IfModule mod_php4.c>
    php_admin_value disable_functions " "
    </IfModule>

    Hope this helps -
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    AFAIK, you can only use local php.ini files if you enable phpsuexec, though that might open a can of worms if you already have a populated server.
     
  4. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Nope, could not get the above httpd.conf addition, or anything else to work, but thanks much anyway.
     
  5. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Thanks Chirpy. I was to the point of just biting the bullet and enabling phpsuexec anyway. Now, from your post, seeing that this will help us avoid reenabling the exec function via php.ini globally, and armed with this great post - http://forums.cpanel.net/showthread.php?t=13119&highlight=php.ini
    ... I think we will just go ahead and recompile apache with phpsuexec on all of our servers.

    We already have the Php open_basedir Tweak everywhere, and I thought that phpsuexec would be redundant, but I am beginning to get the idea that having both is a complementary approach.
     
Loading...

Share This Page