report/security/report security check preventexecpath

Jump to: navigation, search
Main pageManaging a Moodle siteSecuritySecurity overview reportreport/security/report security check preventexecpath
Security
Some administration options allow setting the path to executable files on the web server such as du, aspell, ghostscript and others. This can potentially cause a security risk. You can prevent administrators from changing these paths by adding the following setting to your config.php file: 
$CFG->preventexecpath = true;

You should also explicitly set the relevant paths in your config.php file such as: 

$CFG->pathtodu = 'PATH';
$CFG->pathtounoconv = 'PATH'; 
$CFG->aspellpath = 'PATH';
Retrieved from "https://docs.moodle.org/35/en/index.php?title=report/security/report_security_check_preventexecpath&oldid=129952"