From c332c78e65a130da2023771a3d7e651d24443063 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Sat, 8 Dec 2018 10:26:54 +0100
Subject: add imap.enable_insecure_rsh in php.ini

---
 php.ini | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'php.ini')

diff --git a/php.ini b/php.ini
index 821b31e..3c6e49b 100644
--- a/php.ini
+++ b/php.ini
@@ -955,6 +955,13 @@ cli_server.color = On
 ; otherwise output encoding conversion cannot be performed.
 ;iconv.output_encoding =
 
+[imap]
+; rsh/ssh logins are disabled by default. Use this INI entry if you want to
+; enable them. Note that the IMAP library does not filter mailbox names before
+; passing them to rsh/ssh command, thus passing untrusted data to this function
+; with rsh/ssh enabled is insecure.
+;imap.enable_insecure_rsh=0
+
 [intl]
 ;intl.default_locale =
 ; This directive allows you to produce PHP errors when some error
-- 
cgit