Hosting Provided By

Re: ping22: can not kill this process

From: Javier Fernandez-Sanguino <jfs(at)computer.org>
Date: Fri Jan 04 2008 - 06:37:35 EST

2008/1/4, Rick Moen <rick@linuxmafia.com>:
> Quoting Luis Mondesi (lemsx1@gmail.com):
>
> > It's time to tell PHP (via php.ini) not to allow any of those
> > functions that allow executing stuff from the system (system,
> > passthru, whatever).
>
> Amen to that. Good starting point:
> disable_functions = system, exec, passthru, popen, escapeshellcmd, shell_exec

Even better: /usr/share/doc/php5-common/examples/php.ini-paranoid (it includes some more functions in that definition)

IIRC it includes those and some more. You might want to diff your php.ini copy to that one to see the different things you could do to improve your PHP installation.

Regards

Javier

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Fri Jan 4 06:38:09 2008

This message: [ Message body ]
Next message: Rick Moen: "Re: ping22: can not kill this process"
Previous message: Keyser Söze: "Install process certification"
In reply to: Rick Moen: "Re: ping22: can not kill this process"
Next in thread: Rick Moen: "Re: ping22: can not kill this process"
Reply: Rick Moen: "Re: ping22: can not kill this process"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:54:55 EDT