Is there a way to use exec( ) in a more secure manner?

0 views
Skip to first unread message

ande...@gmail.com

unread,
Jun 22, 2006, 3:24:26 PM6/22/06
to Professional PHP Developers
Hello, I am in a bind right now. I am in final stages of creating a
small web service and our new 'professional' host is refusing to allow
the use of exec( ) from within our script. I am using this function to
call 'convert' from linux.
This is the code I currently use to create jpg images from the pdf
files we generate:

$command = 'convert '. $mypdf .' '. $myjpg;
exec($command);

We are using the Moodle web app on a LAMP architecture. I'll include
the server's details below.

Here is the message from my host contact:
"..Martin has advised us against activating this feature of Apache for
security reasons. He recommends using the GD Library..."

Operating system Linux
Kernel version 2.4.21-40.EL
Machine Type i686
Apache version 1.3.36 (Unix)
PERL version 5.8.7
Path to PERL /usr/bin/perl
Path to sendmail /usr/sbin/sendmail
Installed Perl Modules Click to View
PHP version 4.4.2
MySQL version 4.1.19-standard

The Webdevil [ 360 PSG ]

unread,
Jun 23, 2006, 12:12:57 AM6/23/06
to Professional PHP Developers
You are going to find a TON of shared host servers that will not allow
you to use system( ) or exec( ) they are huge security risks and alot
of precaution must be taken by the box admin to insure permissions
limit all kinds of things... usually more headache than they want.

Those commands are usually reserved for boxes you have control over.
You can try to find another host that allows command line calls, or you
may have to go dedicated server / virtual server route... $$$ not your
9.95/month though !

Let me know if you find a good host with that level of access. I would
like to checkem out.

Joel

Gaurav Arora

unread,
Jun 23, 2006, 1:37:03 AM6/23/06
to Professi...@googlegroups.com
Hostgator ( http://tinyurl.com/hfxnq ) provides exec etc. I'm not sure
if they provide that level of access on all servers or not but I have
3 accounts with them and all 3 have exec etc enabled. More than
anything else I love the fact that they install libraries for me even
on a shared system. Ofcourse such a library install requires a
significant amount of bicthing and moaning on my part but I haven't
come across any other host which would do so even after I whine for 3
straight days.

Gaurav

P.S. Affiliate link included above.

meind...@gmail.com

unread,
Jun 26, 2006, 3:29:49 PM6/26/06
to Professional PHP Developers
I guess They'll have a big filter behind that command ;-)

Reply all
Reply to author
Forward
0 new messages