Page 1 of 1

disable_fucntions

Posted: Tue Apr 05, 2005 12:54 am
by Termina
Probally getting sick of me by now, eh? :P

I've added the following line in php.ini:
disable_functions = exec,shell_exec,dir,readfile,dl,passthru,popen,chown,phpinfo,chown,system

I do this because

A) Permission setup. All users are part of the group users. All folders/files in /home are 705

B) PHP runs as an 'other' (if it didn't no user could use php scripts)

C) since PHP can read users scripts, other users can abuse the above commands to view (and possibly change!) a users files. Bad stuff.

What I would like to do is this:
Keep those functions disabled, but allow the php files in a certain directory (mainly my htdocs directory, not writable by anyone by root and nobody) to use the diabled functions.

Is there a way to do this?

Posted: Tue Apr 05, 2005 1:00 am
by feyd
notice:

Code: Select all

disable_functions	&quote;&quote;	php.ini only

Posted: Tue Apr 05, 2005 2:33 am
by Termina
Damn, nothing in that list that looks like it would do that. =/