Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-03-28, 22:36:46

Author Topic: php fpm shell_exec and exec  (Read 5314 times)

0 Members and 1 Guest are viewing this topic.

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
php fpm shell_exec and exec
« on: 2016-07-02, 21:58:15 »
I have been trying to figure out why a joomla site wasn't working properly and after turning on display errors found that:

shell_exec and exec both give phone warnings that they have been disabled for security reasons yet in PHP advanced configuration neither is in the disabled list.

How do I reenable this?  If it needs a custom template please add checkbox option in control panel to enable these functions.

Thank you,
Chris
« Last Edit: 2016-07-02, 22:00:57 by chrisf »
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: php fpm shell_exec and exec
« Reply #1 on: 2016-07-02, 21:59:30 »
I am using php55m as branch used.
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: php fpm shell_exec and exec
« Reply #2 on: 2016-07-02, 22:29:34 »
Remove from 'disable_functions' in 'advanced php configure' for certain client or admin.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: php fpm shell_exec and exec
« Reply #3 on: 2016-07-02, 23:01:26 »
/opt/php55m/custom/php.ini

;### MR -- custom setting (handle by kloxo)
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,show_source

that is the problem, it overrides pool/client configurations.  It needs to be commented out to allow individual admin/client disabled functions.

I do not want to use custom templates for php-fpm please fix.

Thank you
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: php fpm shell_exec and exec
« Reply #4 on: 2016-07-02, 23:07:33 »
I do not have shell_exec or exec in any configuration disabled.  (Server PHP or admin PHP)
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: php fpm shell_exec and exec
« Reply #5 on: 2016-07-03, 05:54:07 »
No. disable_functions declare inside php-fpm files per-user. See '/opt/configs/php-fpm/conf/*/php-fpm.d'
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: php fpm shell_exec and exec
« Reply #6 on: 2016-07-03, 10:38:23 »
You can say No, but I just did extensive testing.  I have multiple php disabled.  I use php55m as branch used.  In any phpinfo() it says configuration loaded: /opt/php55m/custom/php.ini

In this php.ini:

;### MR -- custom setting (handle by kloxo)
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,show_source


I have NO disabled function in KloxoMR panel with exec or shell_exec.  In phpinfo() it DOES NOT list them as disabled but when trying to use them, security warning is given.

I simply:
In /opt/php55m/custom/php.ini

;### MR -- custom setting (handle by kloxo)
;disable_functions = exec,passthru,shell_exec,system,proc_open,popen,show_source

Commented out and now all works.  If I change disabled functions in admin php configuration, it works.  I can add, remove exec etc.

When running fixphp script /opt/php55m/custom/php.ini does not get updated.  You need to comment out disabled functions in all php5*x/custom/php.ini files.

Test.  I have over and over.
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: php fpm shell_exec and exec
« Reply #7 on: 2016-07-03, 10:50:43 »
Try with display errors on.

<?php

$o = `zip -h 2>&1`;
echo $o;

?>

It will not work until you ; (comnent out) disabled functions in /opt/php5*m/custom/php.ini

After comnenting out, you can then add shell_exec to admin php advanced diaabled functions and it will disabke it, remove it - it works!  The problem is with /opt/php5*m/custom/php.ini files.
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: php fpm shell_exec and exec
« Reply #8 on: 2016-07-03, 14:51:37 »
Disable 'disable_functions' (with comnent out) is make unsecure for other php types (other then php-fpm).
« Last Edit: 2016-07-03, 15:49:57 by MRatWork »
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline chrisf

  • Senior Master
  • **
  • Posts: 883
  • Karma: +11/-1
  • Gender: Male
  • Be the change that you wish to see in the world.
    • View Profile
    • Conviction's Hosting
Re: php fpm shell_exec and exec
« Reply #9 on: 2016-07-03, 16:40:41 »
Then in server php configuration when updating advanced php configuration, all /opt/php5*m/custom/php.ini needs updated, also with /script/fixphp.

The value for disabled functions should be updated by KloxoMR panel.

Please fix this.  Thank you.
Christopher

Knowledge in: PHP, Perl, MySQL, Javascript, Actionscript, FLASH, HTML, CSS
Server Administrator / Developer: https://convictionshosting.com

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: php fpm shell_exec and exec
« Reply #10 on: 2016-07-03, 16:59:37 »
Wait for next upload.
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

 


Top 4 Global Search Engines:    Google    Bing    Baidu    Yahoo
Click Here

Page created in 0.045 seconds with 22 queries.

web stats analysis