[TYPO3-english] A question about disable_exec_function

Peter Russ peter.russ at 4many.net
Thu Jan 14 07:32:47 CET 2010

--- Original Nachricht ---
Absender:   J. Bakshi
Datum:       14.01.2010 07:06:
> Hello list,
> I have installed the security_check extension to check the installed
> typo3 with the possible leakage.  The extension provides some very good
> suggestion to tighten the typo3 but I am confused with one suggestion
> where it says
> ` ` `
> The flag "disable_exec_function" is not activated.
> Add the following line in your localconf.php:
> $TYPO3_CONF_VARS['BE']['disable_exec_function'] = '1'
> ` ` `
> I think it should be enable to make imagemagik working properly. I am
> confused. Could any one kindly explain a little ?

IMHO this would only makes sense at shared hosting where customer could 
upload there own php files. But then it should be set in php.ini and not 
at TYPO3 level.
As long as it is your server or your own account and you are the admin 
or trust the people able to upload extensions, this doesn't makes sense.

As you mentioned it would disable a lot of the graphic capabilities and 
maybe other stuff, e.g. w4xbackup...


loans that change lives http://www.kiva.org

uon GbR

More information about the TYPO3-english mailing list