On Tue, Jun 15, 2004 at 10:35:33AM +0200, Rudy Gevaert wrote: > On Tue, Jun 15, 2004 at 09:23:33AM +0100, David Ramsden wrote: > > On Tue, Jun 15, 2004 at 05:52:18PM +1000, Russell Coker wrote: > > > > Does PHP allow executing arbitary binaries? > > > > > [snip] > > > > Yes, unless in your php.ini you have something along the lines of: > > disable_functions = system,passthru,shell_exec,popen,proc_open > > Can somebody point me to some documentation about securing PHP?
http://php.net/security, a better solution to the above mentioned problem is 'safe_mode', which is intended to block all dangerous file access, executing, etc. --Jeroen -- Jeroen van Wolffelaar [EMAIL PROTECTED] (also for Jabber & MSN; ICQ: 33944357) http://Jeroen.A-Eskwadraat.nl