From: Jamie C. <jca...@we...> - 2006-08-13 01:45:10

Hi all,
This change would disable various PHP functions for executing commands, which would protect against some PHP security holes I guess (such as ones where an attacker can trick PHP into running arbitrary code). However, it may also break PHP programs that use these functions to run other shell commands... so it isn't something I would enable by default for Virtualmin.

 - Jamie

On 12/Aug/2006 15:24 Vernon wrote ..
> Not sure who you are. Jamie, is this still what you are suggesting as well?
>
> ---------- Original Message -----------
> From: Hamid Hashemi <ha...@mo...>
> To: Webmin users list <web...@li...>
> Sent: Sun, 13 Aug 2006 01:45:35 +0330
> Subject: [webmin-l] Security Advise for Virtuamin users !
>
> > Hi,
> >
> > Just want to say please add the following line to your php.ini while you
> > are running virtualmin and you have some sites hosted on your server:
> >
> > disable_functions = exec,popen,shell_exec,proc_open,passthru,system,stream_select,escapeshellcmd,pcntl_exec
> >
> > or run your PHP in safe_mode. BTW safe_mode is not a good choice for
> > customers.
> >
> > --
> > Regards
> > =================================================================
> > / Seyyed Hamid Reza / WINDOWS FOR NOW !! /
> > / Hashemi Golpayegani / Linux for future , FreeBSD for ever /
> > / Morva System Co. / ------------------------------------- /
> > / Network Administrator/ ha...@mo... , ICQ# : 42209876 /
> > =================================================================
>
> ------- End of Original Message -------
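
An added example (not part of the original thread, and not Virtualmin code): a Python check to run before applying the quoted `disable_functions` line. It reports which of the listed functions a php.ini still leaves enabled and which hosted PHP sources call them, which is the breakage the reply above warns about. The sample php.ini fragment and PHP source are constructed, and the regex scan is a heuristic, not a PHP parser.

```python
import re

# Function list taken from the disable_functions line in the quoted message.
LISTED = ("exec,popen,shell_exec,proc_open,passthru,system,"
          "stream_select,escapeshellcmd,pcntl_exec").split(",")

def disabled_in_ini(ini_text):
    """Return the functions named by the last active disable_functions line."""
    disabled = set()
    for line in ini_text.splitlines():
        line = line.split(";", 1)[0].strip()          # drop php.ini comments
        m = re.match(r"disable_functions\s*=\s*(.*)$", line, re.I)
        if m:                                         # the last occurrence is used
            value = m.group(1).strip().strip('"')
            disabled = {f.strip().lower() for f in value.split(",") if f.strip()}
    return disabled

def calls_in_source(php_source, names=LISTED):
    """Map each listed function to the line numbers where the source calls it."""
    # Lookbehinds skip method calls (->exec, ::exec), variable calls ($exec),
    # longer identifiers (curl_exec) and "function exec(" definitions.
    # Matches inside comments or strings are still reported; review them by hand.
    pattern = re.compile(r"(?<![\w>:$])(?<!function )("
                         + "|".join(map(re.escape, names)) + r")\s*\(", re.I)
    hits = {}
    for lineno, line in enumerate(php_source.splitlines(), 1):
        for m in pattern.finditer(line):
            hits.setdefault(m.group(1).lower(), []).append(lineno)
    return hits

def audit(ini_text, php_source):
    """Return (listed functions still enabled, calls the full list would break)."""
    disabled = disabled_in_ini(ini_text)
    return [f for f in LISTED if f not in disabled], calls_in_source(php_source)

# Constructed sample inputs, not taken from any real server.
SAMPLE_INI = """; constructed php.ini fragment
safe_mode = Off
disable_functions = exec, system ,passthru   ; partial list
"""
SAMPLE_PHP = """<?php
$out = shell_exec('convert in.png out.jpg');
$rows = $pdo->exec('DELETE FROM cache');
$ch = curl_init(); curl_exec($ch);
function system_status() { return 'ok'; }
system("tar czf backup.tgz " . escapeshellcmd($dir));
"""

if __name__ == "__main__":
    still_enabled, would_break = audit(SAMPLE_INI, SAMPLE_PHP)
    print("still enabled:", ", ".join(still_enabled))
    for name, lines in sorted(would_break.items()):
        print(f"{name}() called on line(s) {lines}")
```

Run against each virtual server's document root, an empty call map means the listed functions can be disabled for that site without breaking its scripts.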