php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #48796 Include exec_dir patch in main tree
Submitted: 2009-07-04 07:37 UTC Modified: 2013-11-02 14:38 UTC
Votes:11
Avg. Score:4.6 ± 1.1
Reproduced:8 of 9 (88.9%)
Same Version:8 (100.0%)
Same OS:7 (87.5%)
From: alessandro dot corbelli at guest dot net Assigned:
Status: Wont fix Package: *General Issues
PHP Version: 5.3.0 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
 [2009-07-04 07:37 UTC] alessandro dot corbelli at guest dot net 
Description:
------------
Please include the exec_dir patch that can be found here:
http://kyberdigi.cz/projects/execdir/english.html

I think that should be included in the main php's tree because it's a very important security features.

With safe_mode being deprecated, there is no other safe & easy way to limit program execution and some people (like us) can't disable the whole exec family. For example, imagemagick need to be executed with exec and in a shared hosting imagemagick is a must.

Please include that patch or convert your safe_mode_exec_dir to works even with safe_mode off.

You have open_basedir, please add an exec_basedir.

Thank you.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-02-25 16:12 UTC] herwin at snt dot utwente dot nl 
Any chance that this will be incorporated in the php core?
 [2012-04-20 12:54 UTC] php at cabillot dot eu 
To the php team : what do you think about this feature ?

Now that safe_mode is disabled, how hosting companies can protect consumers from 
themselves ?
 [2013-11-02 14:38 UTC] krakjoe@php.net
-Status: Open +Status: Wont fix -Package: Feature/Change Request +Package: *General Issues
 [2013-11-02 14:38 UTC] krakjoe@php.net 
safe_mode was a plague upon the source of PHP.

Not only a plague but an unmitigated failure at keeping anything safe, with that in mind, there is no chance of introducing a feature that effects the behavior of a set of functions like the exec family in order to do the same things that are made possibly by normal sysadmin, like jails, correct permissions etc.

Sorry it took so long, but at least, you eventually got your answer :)
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Jul 14 00:01:34 2025 UTC