Thomas Hochstein <ml@ancalagon.inka.de> wrote: > Raphael Geissert schrieb: > >>> disable_functions = dl, phpinfo, system, mail, include, shell_exec, >>> exec, >> >> include()? I don't want to imagine how many scripts will break. > > A script that doesn't run is a *very* secure script. That depends on the error handling.