FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Exec Security
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Exec Security [message #179009 is a reply to message #179008] Mon, 03 September 2012 03:53 Go to previous messageGo to previous message
Ryan is currently offline  Ryan
Messages: 15
Registered: July 2012
Karma:
Junior Member
That was my thinking, just glad someone can confirm it.

IMO I see no security issue with exec() in this setup. Its enabled only on my vhost, no client code can touch it. The command in exec() is hardcoded, not using any user inputs. Someone would have to find a way to write their own php script to use exec() and get it uploaded into my vhost to cause any problems. If they can manage to do that that can cause enough issues even with exec() disabled.

Glad I can get confirmation of this.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Is PDO an abstraction layer?
Next Topic: Net Connect API -php
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Nov 22 07:28:43 GMT 2024

Total time taken to generate the page: 0.04316 seconds