disabled_functions=mail,putenv ;) #2
Description
Good job and nice technique, but in a very restricted environment where mail() and putenv() are also in disabled_functions it may not work.
I am doing some further research if there is any function inside get_defined_functions() that also executes an execve() behind the scenes... or another method like transform chankro.so into ftp.so to trojanize ftp php functions if putenv(LD_PRELOAD) is available and is called before ftp_connect()...