6th February 2006, 12:24
till

I think the approach from webstergd is more secure. The [ID] from web[id] is always an integer. You can check this either with a regex, e.g. "/^[0-9]{1,10}$/", or you use the fact that a valid [ID] can't be 0, so if you use something like $id = intval($id); it will convert $id to a valid integer or will result in 0, which is harmless and can be easily filtered by if($id > 0) {....

For even more security, you might check every path right before the exec statement if it:

1) Starts with the web docroot (/home/www/ or /var/www or whatever is set in the isp_server table as root directory for the websites).
2) Does not contain 2 dots "..".
3) Contains only valid path characters, e.g. not "|<>;", and is escaped by escapeshellcmd.

Why this extra security? The CMS installer might be extended later so that it installs packages built by external people / projects. If someone then builds a harmful or merely lazily built package, we must try to limit the possible damage as much as possible.

Or am I too paranoid?
Till Brehm
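The checks listed in the post above, as an added PHP example (not part of the original post and not ISPConfig's own code). The function names, the `/var/www` docroot, the sample inputs and the `tar` command are assumptions; `escapeshellarg` is used here to quote the single path argument where the post names `escapeshellcmd`.

```php
<?php
// Added example. Helper names, docroot and command line are assumptions.

function valid_web_id($raw): ?int
{
    // Regex from the post; the D modifier stops "$" matching before a trailing newline.
    if (!is_string($raw) || !preg_match('/^[0-9]{1,10}$/D', $raw)) {
        return null;
    }
    $id = intval($raw);
    return $id > 0 ? $id : null;          // a valid [ID] can't be 0
}

function safe_path(string $path, string $docroot): ?string
{
    // 1) Must start with the docroot. The trailing slash keeps
    //    "/var/www-other" from matching a docroot of "/var/www".
    $root = rtrim($docroot, '/') . '/';
    if (strncmp($path, $root, strlen($root)) !== 0) {
        return null;
    }
    // 2) Must not contain "..".
    if (strpos($path, '..') !== false) {
        return null;
    }
    // 3) Allow-list of path characters: rejects | < > ; quotes, spaces, newlines.
    if (!preg_match('#^[A-Za-z0-9/_.\-]+$#D', $path)) {
        return null;
    }
    return $path;
}

$docroot = '/var/www';                    // assumed; the post reads it from isp_server
$samples = [                              // constructed inputs
    ['5',  '/var/www/web5/web/cms'],      // accepted
    ['5',  '/var/www/web5/../../etc'],    // contains ".."
    ['5',  '/var/www-other/web5'],        // outside the docroot
    ['5',  '/var/www/web5/web;x'],        // shell metacharacter
    ['0',  '/var/www/web0/web'],          // ID 0 is never valid
    ['5x', '/var/www/web5/web'],          // not an integer
];
foreach ($samples as [$rawId, $rawPath]) {
    if (valid_web_id($rawId) === null || ($path = safe_path($rawPath, $docroot)) === null) {
        echo "REJECT id=$rawId path=$rawPath\n";
        continue;
    }
    // The command is only built and printed here, not executed.
    echo 'OK     tar -xzf /tmp/package.tar.gz -C ' . escapeshellarg($path) . "\n";
}
```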