Symfony version(s) affected

7.3.1

Description

Symfony Console unconditionally calls hasSttyAvailable which uses shell_exec to check whether stty can be executed.

This fails with a PHP warning in case exec/fork is disallowed.

One such scenario is using sudo with a sudoers rule with the NOEXEC: tag in place.

How to reproduce

sudoers line:

youruser ALL = (otheruser) NOPASSWD:NOEXEC: /usr/bin/php8.4 /home/otheruser/symfony-project/bin/console*

Command to execute as youruser:

sudo -u otheruser /usr/bin/php8.4 /home/otheruser/symfony-project/bin/console

Adding any of the standard Symfony Console CLI parameters does not change a thing (one might expect that maybe -n would skip the stty check but it doesn't - whether that's right or wrong is beyond the scope of this bug report).

Possible Solution

Use the @ silence operator, similarly to how proc_open is called in readFromProcess.

Maybe that method could even be reused to implement the hasSttyAvailable functionality (didn't check).

Additional Context

Running Symfony Console itself should not require permission to exec/fork or generate PHP warnings while trying.

Specific commands may of course have other requirements.

Example log output:

{"message":"Warning: shell_exec(): Unable to execute 'stty 2> /dev/null'","context":{"exception":{"class":"ErrorException","message":"Warning: shell_exec(): Unable to execute 'stty 2> /dev/null'","code":0,"file":"/home/otheruser/symfony-project/vendor/symfony/console/Terminal.php:131"}},"level":400,"level_name":"ERROR","channel":"php","datetime":"2025-07-24T12:13:03.643936+02:00","extra":{}}

Code references:

• https://github.com/symfony/console/blob/7.3/Terminal.php#L131
• https://github.com/symfony/console/blob/7.3/Application.php#L1010