Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
Kostya Bodnya2015-03-20 13:03:02
PHP
Kostya Bodnya, 2015-03-20 13:03:02

Why doesn't "suhosin.executor.disable_emodifier" work?

Hello!
I'm running PHP5.6 on Ubuntu 12.04 LTS as Apache 2.4
Suhosin module built from source.
In suhosin.ini I specify. the following directives:

suhosin.executor.disable_eval = On
suhosin.executor.disable_emodifier = On

If you look in phpinfo(), you can see that Suhosin is enabled, and these directives are set to "On" both globally and locally for the host.
But, here's the problem, the following code runs just fine:
eval('echo 5;');
This code runs just as well:
preg_replace("/.*/e", "eval('echo 5, PHP_EOL;')", ".");

Tell me, friends, how would I turn off all this indecency.
Thank you!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
K
killsxs2020-04-15 18:14:50
What are the errors in the code? 2Reply
C
cybernoob2018-01-31 15:18:15
How to deal with memory in PHP? 1Reply
K
kovalr2015-09-24 21:40:59
I don't see the register_globals parameter in phpinfo(). Why? 3Reply
A
AndTheEnd2018-01-31 16:46:46
How to display information from two different databases? 1Reply
L
Lev Rozanov2020-04-15 19:29:15
Array of nested (dependent) fields in $_POST? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question