1.2.97. Can’t Disable Class

This is the list of potentially dangerous PHP class being used in the code, such as `Phar <https://www.php.net/phar>`_.

This analysis is the base for suggesting values for the disable_classes directive.

<?php

// This script uses ftp_connect(), therefore, this function shouldn't be disabled.
$phar = new Phar();

?>

1.2.97.1. Specs

Short name	Security/CantDisableClass
Rulesets	All, Appinfo, CE
Exakat since	0.8.4
PHP Version	All
Severity	Minor
Time To Fix	Quick (30 mins)
Precision	High
Features	disable-classes
Related rule	Can’t Disable Function
Available in	Entreprise Edition, Community Edition, Exakat Cloud