Hi all,
I am in a virtual hosting (shared I guess) hosting enviroment, and the hoster has disabled several functions that many popular PHP and perl scripts need to function correctly. The hoster is open to ideas on how to keep the server safe, but allow us to run the sripts we want. I'm looking for info. I'm a web designer, and this decision personally and professionally affects me. I'd like to try fixing this before moving to another host, so...
Here's the problem and a 'for instance'-- If a user tries to install anything relating to image manipulation, such as Gallery (http://gallery.menalto.com/) which allows you to post photos on your web site, and makes thumbnails automatically through NetPBM or ImageMagick, we get this error:
"Warning: exec() has been disabled for security reasons in /home/user/public_html/folder/file.php on line XX"
I'm sure other scripts use the functions disabled, but this one is the first that comes to mind.
On this server, running Linux Apache and Cpanel, these settings are in place:
open_basedir restricts anything but:
/home/username
/web/tmp/
/tmp
These functions are disabled local and master:
dl
exec
passthru
proc_open
proc_close
shell_exec
system
Safe-Mode is Off local and master
Obviously, "exec" has been disabled, so we can't use the function. It is in place for security reasons, but is there a way to allow us to run these scripts and still have good security by changing the above configuration in any way?
If open_basedir is restricted to that point, do we even need exec() disabled?
I'd appreciate any input...or if you know where i can go that someone might be able to answer this, I would appreciate the direction to the resource. I'm a beginner in PHP and a moron in server admin, so please bare with me 🙂
Thanks for any input!
