problem with exec()

by RameshKumar 2007-09-01 11:45:14

Problems with functions like exec() , system() and backticks
Problem.

Functions like exec() and system() are used for executing external programs.
So it can execute the shell command also. If you pass a user input value to exec() function it can make very bad results. If you call system($input_from_user) function user can enter any command as input and execute in your machine. Even he can delete all the contents by just giving
"rm -rf * ". Also in the exec() function user can enter any command by just using a semi-column (;) in the argument section.

Solution:

Disable insecure functions using disable_functions in php.ini.
You can use like ,

disable_functions = system,exec

Also you can use EsacpeShellCmd() before passing the value to system() or exec() functions. It will escapes any characters in a string that might be used to trick a shell command into executing arbitrary commands.

EscapeShellArg() can also be used for the same purpose. It will put single quotes around the string. So it will escape any existing single quotes in the string.

Tagged in:

1473
like
0
dislike
0
mail
flag

You must LOGIN to add comments