Go to main content

Navigation menu

Textpattern CMS support forum

You are not logged in. Register | Login | Help

  1. Index
  2. » How do I…?
  3. » Running Txp in security enhanced PHP environment

Pages: 1

#1 2009-03-19 22:21:48

Klikk
New Member
Registered: 2006-07-14
Posts: 9

Running Txp in security enhanced PHP environment

Hi guys.

For several reasons related to security I’ve restricted some PHP modules/functions from running on a cpl of my servers. Installing my first txp on one of these servers the flightcheck warns me about some of these modules/functions not running (“may be necessary”) I’m still a Txp newbie so I thought I’d ask you guys where I might run into issues not running some of these modules/functions. Also there are so many third party Txp plugins to consider. I am not a php programmer but I do know my way around.

The functions I have disabled out of security reasons are:

symlink, proc_get_status, proc_nice, proc_terminate, proc_close, leak, PutEnv, fileinode, max_execution_time, highlight_file, show_source and chgrp

Do any of you see a function among these that you immidiately would say will be a big issue not running, Txp wise?

Thanks in advance.
Tim

Offline

#2 2009-03-19 22:33:22

the_ghost
Plugin Author
From: Minsk, The Republic of Belarus
Registered: 2007-07-26
Posts: 907
Website

Re: Running Txp in security enhanced PHP environment

Mostly the list of restricted functions can influense on unworking plugins, but i don’t remember such situation and have similiar list of disabled functions.

Providing help in hacking ATM! Come to courses and don’t forget to bring us notebook and hammer! What for notebook? What a kind of hacker you are without notebok?

Offline

#3 2009-03-19 22:38:10

els
Moderator
From: The Netherlands
Registered: 2004-06-06
Posts: 7,458

Re: Running Txp in security enhanced PHP environment

This FAQ might also help.

Offline

#4 2009-03-19 22:42:49

Klikk
New Member
Registered: 2006-07-14
Posts: 9

Re: Running Txp in security enhanced PHP environment

Els wrote:

This FAQ might also help.

Thanks. Yeah I read that FAQ. fileinode and max_execution_time is not on it tho. I guess part of my question is also if there are “commonly” used Txp plugins out there relying on any of these functions.

Offline

#5 2009-03-19 22:45:28

Klikk
New Member
Registered: 2006-07-14
Posts: 9

Re: Running Txp in security enhanced PHP environment

the_ghost wrote:

Mostly the list of restricted functions can influense on unworking plugins, but i don’t remember such situation and have similiar list of disabled functions.

Ok thanks. So I wouldn’t loose a lot of txp plugin functionallity by restricting these functions? Maybe some defunct ones.

Offline

Pages: 1

  1. Index
  2. » How do I…?
  3. » Running Txp in security enhanced PHP environment

Board footer

Powered by FluxBB