Scripting security

Discussion in 'Installation/Configuration' started by Tommahawk, Jul 20, 2007.

  1. Tommahawk

    Tommahawk New Member

    How is Perl and PHP and other scripting languages secured against arbitrary command execution web-based shells using commands such as exec system etc because I would like to offer a good selection of shell scripting at minimal PHP & Perl but would also like to add Python/Ruby/ASP at a later stage.

    Thanks in advance
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    In PHP, you can activate safemode to disallow calls to the exec command. To be even more secure, you can use e.g. suphp plus a strict configuration in your php.ini which disallows functions like exec.

Share This Page