On Thu, Oct 27, 2011 at 19:44, Tedd Sperling <tedd.sperl...@gmail.com> wrote: > > One of the things I'm trying to understand is a php script can execute a > shell command, right? Is there a way via permissions to prevent that -- or -- > does that even have anything to do with it? That's where I'm fuzzy.
Sure. What PHP actually does is interface with a forked shell (usually 'sh' by default) process, and the shell then has permission controls and requirements of its own, defined by the operating system's configuration. So PHP isn't actually executing the commands, per se, but is instead instructing the shell to do so itself. To see how to limit PHP's shell access, look into safe_mode and the like. -- </Daniel P. Brown> Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php