

PHP Security

If possible, always set safe_mode = On in php.ini. Safe mode can also be turned on per virtual host, like the following:

<Directory /var/www/vhosts/aaa.com/htdocs>
	php_admin_flag safe_mode On
</Directory>


Disabling PHP functions
If running PHP in safe mode is not possible, you should still disable the most dangerous system functions in php.ini:
disable_functions =  system,exec,passthru,popen,escapeshellcmd,shell_exec


To illustrate that this is actually a serious problem, look at the following PHP file:
<?php
// exec() runs an arbitrary shell command with the privileges of the web server user
exec("cd /etc ;cat passwd", $output);
// each line of the command's output is echoed back to the browser
foreach ($output as $k => $v) {
    echo htmlspecialchars($v) . "<br>\n";
}
?>


I guess you don't want that. Nonetheless, exec() can still only read files that the system ACL permits the web server user to read. Deleting a file, or running a script that deletes another file, is governed by the same permissions and is not allowed either.
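As an added example (not from the original wiki page), the following PHP script parses a disable_functions value and reports which of the process-spawning functions listed above are still callable; it also checks the running interpreter. The function names parseDisabledFunctions and stillEnabled are my own, and proc_open is included beyond the page's list as a further process-spawning function.

```php
<?php
// Added example, not part of the original page.
// disable_functions is PHP_INI_SYSTEM: it can only be set in php.ini or with
// php_admin_value in the web server config, never with ini_set() at runtime.

/**
 * Parse a disable_functions value ("system, exec,...") into a lookup set.
 * PHP function names are case-insensitive, so everything is lowercased.
 */
function parseDisabledFunctions(string $setting): array
{
    $names = array_filter(array_map('trim', explode(',', $setting)));
    return array_fill_keys(array_map('strtolower', $names), true);
}

/**
 * Return the entries of $wanted that the given setting does NOT disable.
 */
function stillEnabled(string $setting, array $wanted): array
{
    $disabled = parseDisabledFunctions($setting);
    $open = [];
    foreach ($wanted as $fn) {
        if (!isset($disabled[strtolower($fn)])) {
            $open[] = $fn;
        }
    }
    return $open;
}

// The list from php.ini on this page, plus proc_open (hypothetical addition).
$dangerous = ['system', 'exec', 'passthru', 'popen', 'escapeshellcmd',
              'shell_exec', 'proc_open'];

// Constructed sample value, written with stray spaces as an admin might type it.
$sample = 'system, exec,passthru ,popen';
echo "Sample setting leaves callable: "
   . implode(', ', stillEnabled($sample, $dangerous)) . "\n";

// Live check of this interpreter. function_exists() returns false for a
// function removed by disable_functions, so it confirms the ini parsing.
$live = (string) ini_get('disable_functions');
foreach (stillEnabled($live, $dangerous) as $fn) {
    printf("%-15s callable=%s\n", $fn, function_exists($fn) ? 'yes' : 'no');
}
```

Run it with the CLI (php audit.php) and again through the web server: the CLI typically uses a different php.ini, so a function disabled in one SAPI may still be callable in the other.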

