[TYPO3-english] A question about disable_exec_function
Peter Russ
peter.russ at 4many.net
Thu Jan 14 07:32:47 CET 2010
--- Original Nachricht ---
Absender: J. Bakshi
Datum: 14.01.2010 07:06:
> Hello list,
>
> I have installed the security_check extension to check the installed
> typo3 with the possible leakage. The extension provides some very good
> suggestion to tighten the typo3 but I am confused with one suggestion
> where it says
>
> ` ` `
> The flag "disable_exec_function" is not activated.
> Add the following line in your localconf.php:
> $TYPO3_CONF_VARS['BE']['disable_exec_function'] = '1'
>
> ` ` `
>
> I think it should be enable to make imagemagik working properly. I am
> confused. Could any one kindly explain a little ?
IMHO this would only makes sense at shared hosting where customer could
upload there own php files. But then it should be set in php.ini and not
at TYPO3 level.
As long as it is your server or your own account and you are the admin
or trust the people able to upload extensions, this doesn't makes sense.
As you mentioned it would disable a lot of the graphic capabilities and
maybe other stuff, e.g. w4xbackup...
Peter.
--
loans that change lives http://www.kiva.org
_____________________________
uon GbR
http://www.uon.li
http://www.xing.com/profile/Peter_Russ
More information about the TYPO3-english
mailing list