maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Deactivating limitation of commands in safe_exec, we'll just check if there are redirects and stuff like that

Browse Source 
The original reason for safe_exec is already allowed: rm
This commit is contained in:
Florian Aders (EleRas)
2010-04-05 13:03:58 +00:00
parent 8d652183a0
commit 43595df977
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/functions/filedir/function.safe_exec.php
View File

@@ -76,6 +76,8 @@ function safe_exec($exec_string, &$return_value = false)
die('SECURITY CHECK FAILED!' . "\n" . 'The execute string "' . htmlspecialchars($exec_string) . '" is a possible security risk!' . "\n" . 'Please check your whole server for security problems by hand!' . "\n"); die('SECURITY CHECK FAILED!' . "\n" . 'The execute string "' . htmlspecialchars($exec_string) . '" is a possible security risk!' . "\n" . 'Please check your whole server for security problems by hand!' . "\n");
} }
/*
* This is not needed anymore, we allow all commands and just check for pipes and stuff
// //
// check if command is allowed here // check if command is allowed here
// //
@@ -94,6 +96,7 @@ function safe_exec($exec_string, &$return_value = false)
{ {
die('SECURITY CHECK FAILED!' . "\n" . 'Your command "' . htmlspecialchars($exec_string) . '" is not allowed!' . "\n" . 'Please check your whole server for security problems by hand!' . "\n"); die('SECURITY CHECK FAILED!' . "\n" . 'Your command "' . htmlspecialchars($exec_string) . '" is not allowed!' . "\n" . 'Please check your whole server for security problems by hand!' . "\n");
} }
*/
// //
// execute the command and return output // execute the command and return output