ID: 37316
Updated by: paj...@php.net
Reported By: ale5000 at tiscali dot it
-Status: No Feedback
+Status: Bogus
Bug Type: Unknown/Other Function
Operating System: Windows XP
PHP Version: 5.1.4
New Comment:
Quick note here. It is necessary to give a given IUSR_* the permission
to use cmd.exe (%COMSPEC%). It is recommended not to do it as it may
introduce security issues, obviously. But if you really want to do it,
use:
cacls %COMSPEC% /E /G IUSR_xxxx:R
Close the bug as it is a configuration issue.
Previous Comments:
------------------------------------------------------------------------
[2006-06-02 01:50:31] mpelzsherman at yahoo dot com
I was able to get this to work by setting the "anonymous" user in IIS
to a "real" user account rather than the IUSR account.
------------------------------------------------------------------------
[2006-06-01 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2006-05-22 00:49:28] jon at thejon dot org
You need to make sure that the file has executable permission for your
web user. It may also need executable permission for cmd.exe, but I
would think this is very large security hole... I hope there is another
way with allowing access to cmd.exe.
------------------------------------------------------------------------
[2006-05-05 23:00:16] ale5000 at tiscali dot it
Yes, it is in the path and it is executable.
I have also tried:
echo system("c:\windows\system32\hostname.exe");
same result.
------------------------------------------------------------------------
[2006-05-05 18:52:24] m...@php.net
See if "tasklist" is in your path and executable or try pecl/win32ps.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/37316
--
Edit this bug report at http://bugs.php.net/?id=37316&edit=1
