/usr/local/cpanel/3rdparty/etc/php.ini ?!

[sehh]

What exactly is the use of this php ini file? /usr/local/cpanel/3rdparty/etc/php.ini

Is it used for the internal PHP used by cPanel?

If so, why does it have register globals enabled? Its a major security risk, i believe.

 

[jenlepp]

cPanel runs its own PHP for its own purposes - be careful editing this, as it can break things on your cPanel.

 

[sehh]

sure, but how can we confirm that the above file is indeed used by cPanel's PHP?

also, why is registered globals enabled? thats a major security risk.

 

[jenlepp]

sure, but how can we confirm that the above file is indeed used by cPanel's PHP?

Well, googling /usr/local/cpanel/3rdparty/etc/php.ini is a heckuva place to start, since it comes up with numerous discussions, most of them pertaining to problems in /usr/local/cpanel/3rdparty/etc/php.ini with Fantastico installation (as Fantastico uses cPanels internal PHP to install).

also, why is registered globals enabled? thats a major security risk.

Well, one could extrapolate that cpanel has its own internal PHP for add ons and third party installs and itself precisely because it needs to use wider variables and looser permissions than would be recommended on a server for normal PHP processing (example - turn off shell_exec in there and see how far Fantastico gets when installing).

But that's just a guess.