Shell and php security

[Namesniper]

Hello,

For security reason I have these php functiosn disabled
show_source, system, shell_exec, exec, popen, proc_open, procopen, passthru

Can anyone please tell me whether if it will prevent shell scripts from working?
They can still upload the shells but cant read/write/execute commands in 777 directories?

 

[tillo]

Shell scripts won't be able to execute any process, but they will still be able to read and write files and directories where the user owning the PHP process can read and write. This includes of course 777 directories.

 

[Namesniper]

Then what functions should I disable to prevent them from writing or even reading the files?
What can I do to stop them from executing mysql commands(if they manage to read config file with db u/p info)?

 

[tillo]

Reading and writing files, along with connecting to MySQL, are tasks that PHP scripts have to do in order to make "normal" websites to work. You can block them, but that's not what you want.
What you want is to make your server more secure, and I suggest you read some good books or search for some good tutorials in this forum and on the Web, or to hire someone that knows what he's doing.

 

[Namesniper]

it would be greate if you could point me out to particular topics.
I have already read some, but not sure whether if you are referring to the same topics.

 

[tillo]

I wasn't pointing on a particular set of threads -- I just read and wrote a lot of nice things about security on this forum, and I don't have the time to recollect all of them.
Use the search function, and if you can't find what you are looking for hiring someone may be your solution. Does your time really is that cheap that you can spend a few days searching for the answer instead of asking a consultant?