Bug #93221

Environment status: error message for disable_functions ist not helping

Added by Andreas Kiessling 10 months ago. Updated 10 months ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Reports
Target version:
-
Start date:
2021-01-05
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
10
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

My hoster currently has proc_open included in the disable_functions, this causes errors with the new Symfony mailer.

They do show up in the error log:
Core: Error handler (FE): PHP Warning: proc_open() has been disabled for security reasons in /var/www/foo/bar/vendor/symfony/mailer/Transport/Smtp/Stream/ProcessStream.php line 41

However, the error message from the Environment module does not help at all

Some PHP functions disabled
disable_functions=passthru shell_exec system proc_open popen parse_ini_file show_source These function(s) are disabled. TYPO3 uses some of those, so there might be trouble. TYPO3 is designed to use the default set of PHP functions plus some common extensions. Possibly these functions are disabled due to security considerations and most likely the list would include a function like exec() which is used by TYPO3 at various places. Depending on which exact functions are disabled, some parts of the system may just break without further notice.

I'd expect to get a more detailed information, so i can tell my hoster what to change and why that setting is needed, before i get the first error in the log


Related issues

Related to TYPO3 Core - Feature #91783: Add "allow list" for php.ini setting disable_functionsUnder Review2020-07-11

Actions
#1

Updated by Andreas Kiessling 10 months ago

  • Description updated (diff)
#2

Updated by Andreas Kiessling 10 months ago

I just checked the code for that error, and it just checks if there are any functions disabled, even if they are not needed at all.
There is already an allowlist config #91783, but imho we should do better here or ship with a default config for #91783 to filter out the usual suspects

#3

Updated by Andreas Kiessling 10 months ago

  • Related to Feature #91783: Add "allow list" for php.ini setting disable_functions added

Also available in: Atom PDF