root cron shell_exec disabled warning

[Smaily]

I have cron set in /var/spool/cron/root
I have cron file at /usr/local/cpanel/whostmgr/docroot/cgi/customcronfile.php

When cron runs it creates

PHP Warning: shell_exec() has been disabled for security reasons in /usr/local/cpanel/whostmgr/docroot/cgi/customcronfile.php on line 22

In customcronfile.php, starting at line 22 I have command
$ls = `ls -la /var/cpanel/users`;
$lslist = explode("\n",$ls);

 

[cPanelTristan]

Do you mean when any cron is run that is a root cron, it outputs that error or some specific cron does? If it is a specific cron, what are you running that is outputting that error?

Next, do you have shell_exec disabled for PHP scripts?

 

[Smaily]

Do you mean when any cron is run that is a root cron, it outputs that error or some specific cron does? If it is a specific cron, what are you running that is outputting that error?

Next, do you have shell_exec disabled for PHP scripts?

Yes, cron is self running every morning and with every run it will write that error into log.
Im running somekind of custom command that will get status of inodes usage per user and outputs it into WHM.
shell_exec is disabled for php in php.ini, yes. I thought root can bypass this. I don't want to risk server security. Or wouldn't this be much of a leak?

 

[cPanelTristan]

Can you run the command in command line as root user using:

php scriptname.php

If you cannot and also receive the error, then your question is answered on what root user can and cannot do. Root should still be bound by the limitations of the system, which includes the global php.ini limitations when running a command.