-

Note: You are currently viewing documentation for Moodle 3.10. Up-to-date documentation for the latest stable version of Moodle may be available here: report/security/report security check preventexecpath.

report/security/report security check preventexecpath: Difference between revisions

From MoodleDocs
Main pageManaging a Moodle siteSecuritySecurity overview reportreport/security/report security check preventexecpath
Security
m (Added link to spanish translation of page)
({{Security overview report}})
 
Line 1: Line 1:
Some administration options allow setting the path to executable files on the web server such as du, aspell, ghostscript and others. This can potentially cause a security risk. You can prevent administrators from changing these paths by adding the following setting to your config.php file:
{{Security overview report}}Some administration options allow setting the path to executable files on the web server such as du, aspell, ghostscript and others. This can potentially cause a security risk. You can prevent administrators from changing these paths by adding the following setting to your config.php file:


<code php>
<code php>

Latest revision as of 15:10, 29 January 2018

Some administration options allow setting the path to executable files on the web server such as du, aspell, ghostscript and others. This can potentially cause a security risk. You can prevent administrators from changing these paths by adding the following setting to your config.php file:

$CFG->preventexecpath = true; You should also explicitly set the relevant paths in your config.php file such as: $CFG->pathtodu = 'PATH'; $CFG->pathtounoconv = 'PATH'; $CFG->aspellpath = 'PATH';

Retrieved from "https://docs.moodle.org/310/en/index.php?title=report/security/report_security_check_preventexecpath&oldid=129952"
Powered by MediaWiki