Growing list of potentially dangerous PHP functions
Ruby PHP Shell
Switch branches/tags
Nothing to show
Latest commit 3734c05 Sep 13, 2011 v-p-b v-p-b Merge pull request #2 from cktricky/master
Ruby script

README

This is a list of potentially dangerous PHP functions which should be disabled in most of the PHP web hosting environments.

The php_dangerous.txt file contains the categorized list of these functions. 
The likely_used.txt file contains functions which can be used dangerously but are required by many applications.

Format: 

    [Category name ]
    function_name # comment

The generate_ini.sh script generates a php.ini entry from the list. Usage:

generate_ini.sh php_dangerous.txt

DISCLAIMER
==========

Use at your own risk! Hardening should always be done in accordance with the current environment.