PHP system() command on win32

dappadan

Hello! (my first post)

I have a question, im fairly new to PHP and i run it on win200 server. I was looking into the system() command and managed to do an nslookup on my server!!! this is good in away because i wanted it but also im very worrid about security!!!!! what if someone writes a malicious script and so on???? So basically i would love to know the limits of the system() or exec command please....I.e. how to restrict access? does it use the win32 system account? can you run other commands like Telnet? i know you can do ping, tracert and so on.....what else can it do?

Thanks, i know thats kinda a 2 part question.....its a love hate situation...i love what the system() command seeeems to be able to do! but! im security concious!

As much info as poss would be great!

Thanks alot people!

Dappa Dan.

LordShryku

Well, in order to execute this malicious code on your system, they would have to have access to it already...

AstroTeg

Exec, shell_exec, eval (although not directly evil, it could be used to run any of the other evil commands), and passthru are also evil if not properly secured.

LordShryku

Sure, but so is a basic SQL query. Or a poorly designed page that relies upon register globals.
I use system for a couple things, but most of them don't allow user input. The ones that do have thorough checking in them. Just put together some good code, and you'll be fine.

AstroTeg

The bigger concern I always have is with the inexperienced PHP coder who may be hosting their site on my server and they forget to perform some basic checks before executing commands like this.

LordShryku

True, but from a sysadmin perspective, you need to come to a decision whether you should even allow these commands. A lot of hosting companies don't...