ID: 10354 Comment by: majkls at tiscali dot cz Reported By: valerio at wnet dot it Status: Bogus Bug Type: PHP options/info functions Operating System: Linux 2.4.2 i386 PHP Version: 4.0 Latest CVS ( New Comment:
It not working with php version 4.3.6 too. I have Apache 2.0.49/worker on Linux 2.4.26. The problem: phpinfo(): ----------------- local value master value leak ini_set exec popen ini_set fsockopen .. leak fsockopen... ----------------- there is part of configuration httpd.conf: <Directory ~ "/home/(www|admin|192|212|_|158|168|99)/web/stats"> <IfModule mod_php4.c> php_admin_flag safe_mode off php_admin_value disable_functions "passthru set_time_limit error_log ini_alter ini_set dl pfsockopen openlog syslog readlink symlink link leak fsockopen" </IfModule> </Directory> but if I run my script, I get this: <font color=ff0000><br /> <b>Warning</b>: exec() has been disabled for security reasons in <b>/home/admin/web/stats/ping.php</b> on line <b>19</b><br /> </font> Please reopen this bug. Thanks Majkls Previous Comments: ------------------------------------------------------------------------ [2002-02-26 21:29:40] [EMAIL PROTECTED] The version of PHP that this bug was reported in is too old. Please try to reproduce this bug in the latest version of PHP (available from http://www.php.net/downloads.php If you are still able to reproduce the bug with one of the latest versions of PHP, please change the PHP version on this bug report to the version you tested and change the status back to "Open". ------------------------------------------------------------------------ [2001-04-16 19:30:38] valerio at wnet dot it I think that disable_functions is not working properly when called from httpd.conf with: php_admin_value disable_functions phpinfo while it works nice when called from php.ini. If i run a script with just <? phpinfo(); ?> obviously in a dir which is affected by the directive, the function works ignoring the directive, and gives this results (cut down to just the line of interest): local value master value [...] disable_functions phpinfo system [...] I have disabled "system" from php.ini, just to test...it didn't work also not setting anything in php.ini. I tried also with safe mode on but no results. The only functions thatare correctly disabled are the ones set from php.ini. The same behaviour in php 4.0.6-dev i downloaded today from the CVS... Am I missing something or this is a bug? Thanks in advance. Valerio Morettini ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=10354&edit=1
