On Oct 27, 2011, at 7:49 PM, Daniel Brown wrote:

> On Thu, Oct 27, 2011 at 19:44, Tedd Sperling <tedd.sperl...@gmail.com> wrote:
>> One of the things I'm trying to understand is a php script can execute a 
>> shell command, right? Is there a way via permissions to prevent that -- or 
>> -- does that even have anything to do with it? That's where I'm fuzzy.
>    Sure.  What PHP actually does is interface with a forked shell
> (usually 'sh' by default) process, and the shell then has permission
> controls and requirements of its own, defined by the operating
> system's configuration.  So PHP isn't actually executing the commands,
> per se, but is instead instructing the shell to do so itself.  To see
> how to limit PHP's shell access, look into safe_mode and the like.
> -- 
> </Daniel P. Brown>
> Network Infrastructure Manager
> http://www.php.net/



But does having execute permissions set on a script affect the scripts ability 
to run shell commands?

For example, if I have a script that contains a shell command, can I prohibit 
that script from executing the command by setting it's execute permission to 
not execute?

Certainly, as is my normal custom, I could try it and find out for myself -- 
but I have always been reluctant to use shell commands. Besides, never having 
used them, I don't see their advantage yet. Currently, they seem strange and 
dangerous to me.

As always, your insight is welcomed.




PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to