The secure CMS.

Welcome to Geeklog, Anonymous Saturday, May 04 2024 @ 12:29 am EDT

Geeklog Forums

Disabling dangerous PHP functions

 New Topic  Post Reply
 09/29/05 01:13pm (Read 1,798 times)  
Status: offline

LWC

Forum User
Full Member
Registered: 02/19/04
Posts: 818
[QUOTE A message from my ISP]
To enhance your security we will be disabling the PHP functions "proc_open", "system", "cmd", "shell_exec" (aka "backticks"), and "passthru". The majority of applications written in PHP do not use these functions and will not lose any functionality when this happens.
[/QUOTE]
They gave me time till Monday, October 10th to opt out for the removal of any of these functions.

So does Geeklog belong to the moral majority? Smile
 Quote
 09/29/05 01:58pm  
Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Geeklog itself doesn't use any of those functions. Can't speak for all the plugins and add-ons, of course.

bye, Dirk
 Quote
 09/29/05 06:15pm  
Status: Banned

machinari

Forum User
Full Member
Registered: 03/22/04
Posts: 1512
Inmemoriam's use of Pear makes use of a couple of those especially for dealing with ImageMagick.
 Quote
 11/19/05 02:51pm  
Status: offline

LWC

Forum User
Full Member
Registered: 02/19/04
Posts: 818
Which exactly (for Inmemoriam)?

Also, what about "popen"? This time they offer to easily block it, but don't actually block it by default because...

'popen' is used by several Site Applications, including Mambo and UebiMiau.
 Quote
 11/19/05 03:20pm  
Status: Banned

machinari

Forum User
Full Member
Registered: 03/22/04
Posts: 1512
passthru, exec, and system if I remember correctly--all used by the pear image transform package included with Inmemoriam.
 Quote
 New Topic  Post Reply
All times are EDT. The time is now 12:29 am.
  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content