Security tests have shown that without a disabled exec command in the php.ini settings of each account customers can easily read-access files like /etc/passwd and manipulate other files on the host machine.
We would like to eliminate the need to have a disabled_functions=exec... listed in the individual php.ini settings. Can this command be disabled for all PHP instances regardless what a user enters into his php.ini settings?
We would like to eliminate the need to have a disabled_functions=exec... listed in the individual php.ini settings. Can this command be disabled for all PHP instances regardless what a user enters into his php.ini settings?