httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Res <...@ausics.net>
Subject Re: [users@httpd] Security settings in apache
Date Sun, 17 Jun 2007 21:47:55 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

On Sun, 17 Jun 2007, makhan wrote:

>
> Hi
>
> I am  trying to run an external program from the php using its exec()
> function. But its not executing the program I think the issue is with the
> apache security setting i.e its not allowing external requests to execute
> programs on the server.
>
> Can someone please guide me how I can enable these settings.

If your not root, you can't, this is a very common lockdown in php 
by host providors (at these those that know what they are doing) to 
help prevent script kiddies playing up.

If you are root, look in your php.ini for disable_functions, make sure you 
understand the serious risks of allowing this function (amongst others)
before you allow it, then consult google or php.net.

You might also need to check the open_basedir option as well.

If you are a script kiddie, its only a mater of time before you are 
caught and locked up.


-- 
Cheers
Res
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGdawLsWhAmSIQh7MRAtDbAKCtYLgM7oVP0IPp0Djq1TT5Cf/bugCeLZi+
FVuqRvlPCqC7+3MwSi9QVFU=
=7HHz
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message