#1  
Old 10th October 2011, 16:39
arastirici arastirici is offline
Member
 
Join Date: Sep 2008
Posts: 82
Thanks: 0
Thanked 1 Time in 1 Post
Default about apache_setenv

hello

I have some customers' web page on ubuntu11 with suhosin patch.

I am going through some commands to be disabled in php.ini.

Do I should disable apache_setenv in there ?

Could you give me recommended disabled commands about that ?

Thanks
Reply With Quote
Sponsored Links
  #2  
Old 11th October 2011, 21:07
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
 
Default

I think it's safe to disable that function. Other functions you can disable for security reasons are dl,exec,passthru,shell_exec,system,proc_open,popen ,curl_exec,curl_multi_exec,parse_ini_file,show_sou rce.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 03:06.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.