can't use the custom httpd configuration to override disable_functions

redjersey

Verified User
Joined
Apr 22, 2013
Messages
93
Location
Toronto, Canada
Hi,

I'm currently using custombuild 2.0 and compile php with ./build secure_php (I'm using PHP + mod_ruid2)
I'm doing this so that I can disable some php functions.

However I need to have a few functions for my script. So what I did was, I used the "custom httpd configurations" and added the following:

php_admin_value disable_functions 'passthru'

restarted httpd service

when I looked at my phpinfo, it looks like I have overriden the disable_function:

Directive Local Master
disable_functions passthru exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source

however when I run "shell_exec" I'm still getting the error message saying "Warning: shell_exec() has been disabled for security reasons "

I wonder why it doesn't work? as I looked at my phpinfo it seems like it's overriden

Note: I don't have suhosin installed, as it doesn't support php 5.4
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,580
Change the disable_function in php.ini at /usr/local/lib/php.ini - then restart apache.
 

redjersey

Verified User
Joined
Apr 22, 2013
Messages
93
Location
Toronto, Canada
how do I change php.ini so that it disables on all domains except one?

I have also looked at php document seems like disable_functions can only be changed in php.ini, if so then why it allows me to change it in httpd.conf (my phpinfo looks like I have overridden the disable_functions but when I run it it says it's disabled)
 

chatwizrd

Verified User
Joined
Jul 3, 2005
Messages
2,007
You cant override disable_functions or change values for one domain. shell_exec is pretty dangerous. You should find out why your script needs that. It was poorly written if so.
 
Top