preventing a user to start a process
Adam Jacob Muller
adam at oxeo.com
Tue Jul 26 17:01:05 GMT 2005
Pretty much the only "secure" option is to either
A. run in a chroot jail
B. run with any writable directories mounted noexec
or if your really paranoid, do both
Adam
On Jul 26, 2005, at 12:49 PM, Thomas Krause wrote:
>
>
> David Hogan schrieb:
>
>>> -----Original Message-----
>>> From: owner-freebsd-isp at freebsd.org [mailto:owner-freebsd-
>>> isp at freebsd.org]
>>> On Behalf Of Thomas Krause
>>>
>>
>>
>>> I've searched all php-files for the system()-funktion - it's not
>>> possible for me do disable this function.
>>>
>> Can't you just use the 'disable_functions =' option in php.ini to
>> disable
>> the php functions that can be used to spawn processes ?
>> You could use it to disable at least the following functions:
>> system()
>> exec()
>> passthru()
>> popen()
>> pcntl_exec()
>> shell_exec()
>>
>
> Unfortunately, that is not possible. E.g. typo3 calls Imagemagick,
> so I need system().
>
> Regards,
> Thomas.
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
>
More information about the freebsd-isp
mailing list