Add Server dashboard #31

New Issue

GiteaMirror · 2025-11-06T16:42:42-06:00

GiteaMirror commented

2025-11-06 16:42:42 -06:00

Originally created by @joubertredrat on GitHub (Sep 9, 2015).

https://github.com/Kickball/awesome-selfhosted/issues/262

Originally created by @joubertredrat on GitHub (Sep 9, 2015). https://github.com/Kickball/awesome-selfhosted/issues/262

GiteaMirror closed this issue

2025-11-06 16:42:42 -06:00

GiteaMirror commented

2025-11-06 16:42:45 -06:00

@n1trux commented on GitHub (Sep 26, 2015):

enabling shell_exec? This seems risky. Do you use it?

Apart from that: Please create a PR.

@n1trux commented on GitHub (Sep 26, 2015): enabling shell_exec? This seems risky. Do you use it? Apart from that: Please create a PR.

GiteaMirror commented

2025-11-06 16:42:45 -06:00

@joubertredrat commented on GitHub (Sep 26, 2015):

Hi @n1trux
I'm PHP developer, don't have risky to use shell_exec with PHP because webserver generally runs as www-data or httpd user, then risky is low. I used this when I search a tool to local monitor my server, today I use PHPSysInfo.

@joubertredrat commented on GitHub (Sep 26, 2015): Hi @n1trux I'm PHP developer, don't have risky to use shell_exec with PHP because webserver generally runs as www-data or httpd user, then risky is low. I used this when I search a tool to local monitor my server, today I use PHPSysInfo.

GiteaMirror commented

2025-11-06 16:42:45 -06:00

@n1trux commented on GitHub (Sep 26, 2015):

still with shell_exec you could gain access to files running under the very same httpd/www-data user, which may expose database passwords and other attack vectors.

@n1trux commented on GitHub (Sep 26, 2015): still with shell_exec you could gain access to files running under the very same httpd/www-data user, which may expose database passwords and other attack vectors.

GiteaMirror commented

2025-11-06 16:42:47 -06:00

@xetch commented on GitHub (Sep 30, 2015):

👎 I wouldn't recommend adding an insecure program to the list.
@joubertredrat if you care about your security, you should stay away from using this.

@xetch commented on GitHub (Sep 30, 2015): :thumbsdown: I wouldn't recommend adding an insecure program to the list. @joubertredrat if you care about your security, you should stay away from using this.

GiteaMirror commented

2025-11-06 16:42:47 -06:00

@joubertredrat commented on GitHub (Sep 30, 2015):

Ok, you decide, I will not put.

But shell_exec isn't insecure, applications is. When I need, I use shell_exec without problems, I have applications running since 3, 5, 6 years, this applications uses shell_exec and never had any trouble with this.

Then remember, shell_exec isn't insecure, applications is insecure, It depends on how the application was made.

@joubertredrat commented on GitHub (Sep 30, 2015): Ok, you decide, I will not put. But shell_exec isn't insecure, applications is. When I need, I use shell_exec without problems, I have applications running since 3, 5, 6 years, this applications uses shell_exec and never had any trouble with this. Then remember, shell_exec isn't insecure, applications is insecure, It depends on how the application was made.

GiteaMirror commented

2025-11-06 16:42:47 -06:00

@xetch commented on GitHub (Sep 30, 2015):

@joubertredrat I didn't say shell_exec is insecure, it has it's purpose but there is a reason why shell_exec is usually disabled and why it should only be used sparingly.

@xetch commented on GitHub (Sep 30, 2015): @joubertredrat I didn't say shell_exec is insecure, it has it's purpose but there is a reason why shell_exec is usually disabled and why it should only be used sparingly.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/awesome-sysadmin#31