Difference between revisions of "report/security/report security check preventexecpath"

Jump to: navigation, search
m
m (Added link to spanish translation of page)
 
Line 10: Line 10:
 
$CFG->aspellpath = 'PATH';
 
$CFG->aspellpath = 'PATH';
 
</code>
 
</code>
 +
 +
 +
 +
[[es:report/security/report security check preventexecpath]]

Latest revision as of 14:08, 14 September 2017

Some administration options allow setting the path to executable files on the web server such as du, aspell, ghostscript and others. This can potentially cause a security risk. You can prevent administrators from changing these paths by adding the following setting to your config.php file:

$CFG->preventexecpath = true;

You should also explicitly set the relevant paths in your config.php file such as:

$CFG->pathtodu = 'PATH';
$CFG->pathtounoconv = 'PATH'; 
$CFG->aspellpath = 'PATH';