[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [be] Packages
From: |
Teus Benschop |
Subject: |
Re: [be] Packages |
Date: |
Thu, 30 Dec 2010 19:04:07 +0100 |
On Wed, 2010-12-29 at 15:10 -0800, Jonathan Marsden wrote:
> Incidentally, I'm a bit surprised that your users are successfully
> running PHP code that uses system() and exec() to run Unix commands such
> as git and ssh-keygen on machines they only have a shared web hosting
> account on. Good shared web hosting providers tend to use the
> disable_functions entry in php.ini to disable "dangerous" PHP functions,
> often including system() and exec().
Most likely there are none that run it on such a server. It was the
design when bibledit-web was on the drawing board. The idea was that it
would use PHP, MySQL and Apache only, and do all stuff from there. No
git, no tar, no calls to any binary. That design would have worked on
such a server. But it quickly grew, and now it is unlikely that many
servers run it like that. Teus
Re: [be] Packages (bibledit-web and build time mysql server checking), Jonathan Marsden, 2010/12/28