Highjacking System Calls For Hardening PHP

Zur Navigation springen Zur Suche springen is a library that integrates with the PHP interpreter and intercepts and manipulates the system calls provided by libc6. It replace the execve() syscall with a custom function which does extra sanity checking in order to prevent that an attacker could execute arbitrary code on the system exploiting a vulnerability in a web-based application (such as a bugged cms). It's open-source software released under the terms of the GPL license and compatible with PHP running as a CGI process or Apache's DSO module. The official website is