Actions
Bug #3321
closed
escapeshellcmd blacklisted results in configuration erroring out
Description
When escapeshellcmd is blacklisted by a servers security it results in the configuration page displaying nothing or erroring out. Should check if function is available before attempting to use and if not just return $command as done for windows servers.
Files
Actions
#1
Updated by krileon over 12 years ago
- File 3321.patch 3321.patch added
- File imgToolbox.class.php imgToolbox.class.php added
- Status changed from Assigned to Resolved
- Assignee changed from krileon to beat
- Target version set to CB 1.8.1
- % Done changed from 0 to 100
Updated by beat over 12 years ago
- Target version changed from CB 1.8.1 to CB 1.9
Updated by beat about 12 years ago
- Status changed from Resolved to Closed
- Estimated time set to 1:00 h
This warning only appears when exec() is enabled !!!!
Means the server is really misconfigured !
On Unix servers we should not use exec without escapeshellcmd.
Allowing exec but not escapeshellcmd() is complete non-sense. Thus that case should be handled not as suggested, but we should check for that at same time as exec().
Thus fixed the issue differently than suggested.
Committed in r1880 .
Actions