Forum
  1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and cPanel
  1. Christos Panagiotakis
  2. Wednesday, 26 June 2013
  3.  Subscribe via email
Is there somewhere saved a php.ini when someone use a different php version ?

I know if I need something I can add it in the 
/etc/cl.selector/php.conf file.
But how I can possibly add something like disable_functions 
and a list of the functions I'd like to disable like system/exec/shell/shell_exec/passthrough and so on ?
Rate this post:
  1. 26.06.2013 07:06:37
  2. # 1
Bogdan Accepted Answer
Posts: 709
Joined: 26.06.2013
0
Votes
Undo
Christos, all default values and directives are set in /opt/alt/phpXX/etc/php.ini file, where XX is php version. The files are not overwritten with the updates and is the right place to add customized values. You should set disable_functions in it and that will do the trick. And this should be done for all XX versions.

As long as \'disable_functions\' are absent in /etc/cl.selector/php.conf it could not be modified by customers.
  1. 26.06.2013 07:06:17
  2. # 2
Posts: 17
Joined: 21.04.2011
0
Votes
Undo
I don\'t want to force disabled_function, I want to add it as an option.
So I can select it in specific users. A few apps needs stuff like exec or system (bad but...).
Can\'t do it globally.
  1. 26.06.2013 08:06:59
  2. # 3
Bogdan Accepted Answer
Posts: 709
Joined: 26.06.2013
0
Votes
Undo
Not sure if I got you right, but do you want to
- do not force using disable_functions
- enable disable_functions for few users but protect it from modifying by users ?
  1. 26.06.2013 12:06:52
  2. # 4
Posts: 17
Joined: 21.04.2011
0
Votes
Undo
Yeap! An option to disable (or enable) functions per user account.

For example I got a mathematician forum which needs latex. It uses it with exec().
I can't globally disable all. And certainly I don't want to mess with servers' configuration
and have different configurations per server and be something like
"hey it worked there, now that I transfer it in another server it stuck"
(Of course I want to disable at least the 4 evil functions like shell/shell_exec/system and passthrough for various reasons like evil backdoors c99 style but..)

So I need an option to somehow control disable_functions. 
Either if I got it globally disabled to enable it only for specific accounts
or the opposite.


From the other hand thinking again, having everyone in cagefs I don't know the usefulness of this,even if something gets backdoor'ed, what it can do (it can use it for spam ok, but anything else?)

Maybe I am just crazy enough :-)
  1. 05.02.2019 13:02:25
  2. # 5
Luka Accepted Answer
Posts: 0
Joined: 23.02.2019
0
Votes
Undo
Even though account uses an alt PHP version and functions are disabled, and even though editing disable functions is not possible in PHP SELECTOR, user creates PHP.ini with
disable_functions = NULL

And no functions are disabled. This poses great security risk, what can I do about this?
  1. 08.02.2019 14:02:10
  2. # 6
Posts: 53
Joined: 17.08.2016
0
Votes
Undo
Hello Luca,
to answer your question more precisely, we need to know your environment configuration, panel, PHP handler, etc, so it would be better if you submit a ticket to https://cloudlinux.zendesk.com/hc/en-us/requests/new

Thank you!
  1. 08.02.2019 15:02:42
  2. # 7
Luka Accepted Answer
Posts: 0
Joined: 23.02.2019
0
Votes
Undo
I prefer not to submit a ticket.
My PHP Handler is suPHP.
For alt-php versions.
And running cPanel, CloudLinux was installed on latest CENTOS 7 64bit
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.