My existing web host has disabled shell_exec and one of my php scripts requires it to work, so is shell_exec dangerous? Would you have it enabled on your servers or is it typical for it to be disabled?
View 4 Repliesi have an image hosting and i am using curl for remote upload, everyday i am checking php error logs to see is there any bug in codes or no. today i found an unusual log!
Quote:
[28-Jul-2007 00:14:43] PHP Warning: curl_setopt() [<a href='function.curl-setopt'>function.curl-setopt</a>]: open_basedir restriction in effect. File(/home/marcelo/Desktop/abcdefg.jpg) is not within the allowed path(s): (/www/:/usr/lib/php:/usr/local/lib/php:/tmp) in /www/upload.php on line 26
why should curl show logs like this? my codes just accept URL for curl!
does curl accept real path instant of url ? or this is a php bug?
I'm having some trouble finding info on a few things in my logs.
every time i reboot/restart apache, the following prints to my error log immediately after coming online:
Quote:
[warn] mod_rewrite: Running external rewrite maps without defining a RewriteLock is DANGEROUS!
I am running into a few problems when it comes to using the above command. No it is not being blocked in the php.ini file. The issue has to do with permissions. On my old server everything worked fine until I moved over to this new server.
$who = shell_exec("whoami");
echo "$who";
When I run that commend on the old server I got that users username. Which, makes since as that means anything created via PHP would be owned by that user. In fact, every other host I know of was like that. But, on the new server when I run the commend it shows up as "nobody". How can I fix this so my commands will run properly for me and my users?
How do I enable shell_exec in an .htaccess file for one particular account, even thought it is disabled globally in php.ini ?
I am using php 4.4.6 / cpanel / centos
Also, what would the .htaccess look like for php5x?
to run one PHP script from crontab as root..
But my basic PHP has shell_exec disabled in php.ini and when trying to run script that use shell_exec even from root I get error that function is disabled.
Do you have any suggestion how can I overcome this and have ability to use this function when executing php script from console?
To disable or not to disable shell_exec and readfile.
I haven't found any possible problems about enabling readfile but regarding shell_exec, I might be vulnerable to phpshell scripts though if the server is correcly configured (suPHP, suoshin, etc.), the risks are minimun.
I installed status2k on my server and i am encountering this error.
Quote:
Warning: shell_exec() has been disabled for security reasons in /home/oxyhosts/public_html/status/includes/functions.php on line 455
You can take a look at the errors on http://tinyurl.com/264tot
I even tried disabling shell_exec and exec from php.ini but that too didnt resolve the issue.
Is there a way i can get this thing to run without / with enabling shell_exec?
How to disable those functions on VPS with Lxadmin and CentOS 5
show_source, system, shell_exec, passthru, exec,
phpinfo, popen, proc_open, base64_decode, base64_encodem, proc_terminate