09-24-2012, 12:53 AM
|
#1 |
|
Junior Member
Join Date: Oct 2011
Posts: 25
 |
disabled PHP functions
Hello,
since one of the last ISPmanager updates the installtion routine seems to disable the PHP functions "exec,passthru,shell_exec,system,proc_open,pop en" for the Apache PHP module (at least on Debian in /etc/php5/apache2/php.ini). As these functions are essential for several software to work (e.g. Softaculous, Typo3 ImageMagick functions, ...) this seems to be a bad idea. I guess this change was made because of security concerns when mod_php is used with the Apache mpm prefork or worker. Since we're using the mpm ITK where mod_php is also called with the UID of the website owner we don't have to worry about security in combination with mod_php. Could you please state why this change was made and how to handle problems with software which is no longer working. Maybe a better way would be to check which mpm is installed before auto disabling several PHP functions. Last edited by paketschubser; 09-24-2012 at 10:01 AM. |
|
|
|
09-24-2012, 07:20 PM
|
#2 |
|
ISPsystem team
Join Date: May 2008
Location: ISPsystem
Posts: 588
|
These functions are disabled once the installation. We tried to disable all cases potentially unsafe for the user, for the reason that it can reinstall apache further through the panel. The panel does not replace any the server administrator for after-install configuration.
|
|
|
|
 |
| Tags |
| itk, mod_php, mpm, php |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT +2. The time now is 10:11 AM.