FUDforum: comp.lang.php » Exec Security

Home » Imported messages » comp.lang.php » Exec Security

Show: Today's Messages :: Polls :: Message Navigator

Re: Exec Security [message #179009 is a reply to message #179008]

Mon, 03 September 2012 03:53

Ryan
Messages: 15
Registered: July 2012

Karma:

Junior Member

That was my thinking, just glad someone can confirm it.

IMO I see no security issue with exec() in this setup. Its enabled only on my vhost, no client code can touch it. The command in exec() is hardcoded, not using any user inputs. Someone would have to find a way to write their own php script to use exec() and get it uploaded into my vhost to cause any problems. If they can manage to do that that can cause enough issues even with exec() disabled.

Glad I can get confirmation of this.

Report message to a moderator

[Message index]

		Exec Security By: Ryan on Sat, 01 September 2012 01:49
		Re: Exec Security By: Jerry Stuckle on Sat, 01 September 2012 02:12
		Re: Exec Security By: J.O. Aho on Sat, 01 September 2012 06:54
		Re: Exec Security By: Ryan on Sat, 01 September 2012 09:51
		Re: Exec Security By: J.O. Aho on Sat, 01 September 2012 11:19
		Re: Exec Security By: Ryan on Sat, 01 September 2012 18:50
		Re: Exec Security By: Ryan on Sat, 01 September 2012 20:19
		Re: Exec Security By: Jerry Stuckle on Sat, 01 September 2012 20:26
		Re: Exec Security By: Ryan on Sat, 01 September 2012 21:11
		Re: Exec Security By: Jerry Stuckle on Sat, 01 September 2012 23:14
		Re: Exec Security By: Ryan on Sun, 02 September 2012 00:17
		Re: Exec Security By: J.O. Aho on Sun, 02 September 2012 07:25
		Re: Exec Security By: The Natural Philosoph on Sun, 02 September 2012 11:02
		Re: Exec Security By: Ryan on Mon, 03 September 2012 03:32
		Re: Exec Security By: Ryan on Mon, 03 September 2012 03:35
		Re: Exec Security By: Jerry Stuckle on Mon, 03 September 2012 03:43
		Re: Exec Security By: Ryan on Mon, 03 September 2012 03:53
		Re: Exec Security By: J.O. Aho on Mon, 03 September 2012 04:55
		Re: Exec Security By: J.O. Aho on Sat, 01 September 2012 21:23

Previous Topic:	Is PDO an abstraction layer?
Next Topic:	Net Connect API -php

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat Oct 19 17:14:49 GMT 2024

Total time taken to generate the page: 0.16701 seconds