From:             [EMAIL PROTECTED]
Operating system: Linux 2.2
PHP version:      4.0.5
PHP Bug Type:     Feature/Change Request
Bug description:  Interface to execl() library call

It would be very helpful if you implemented a command that could be used to execute an 
external program without using the shell.  Such a feature would be useful in the 
following cases:

1) if another hole is discovered in EscapeShellCmd()
2) if the web server is being run in a chrooted environment, or in another situation 
in which /bin/sh access is forbidden or undesirable
3) if the user wishes to avoid the overhead of running the shell when a simple execl() 
would suffice
4) when individual arguments to a user program contain spaces or other characters that 
could be mangled by the shell and require special treatment (ex. execl("/bin/foo", 
"foo", "hello \"world", NULL) is a pain in the neck to do right now)
5) if for no other reason, than to make PHP more competitive with Perl, which does 
have this feature.  it's not too hard to do.

Edit Bug report at:

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to