Security improvements on PHP script execution ability

Posted on Saturday 3 June 2006, at 21:17 UTC

Some changes has been made in the php configuration files, mainly on the security side.

Firstly there were a mistake in the configuration file which allowed to execute any binary in /usr/bin, the variable safe_mod_exec_dir has been set to a void directory.

Secondly all fonctions were allowed, so the following functions has been disabled : exec, system, passthru, bind, dl, shell_exec, popen, proc_get_status, proc_nice, proc_open, proc_terminate, proc_close.

If anything goes wrong for your website, fell free to contact us !