Security controls configured via php.ini directives at the PHP_INI_SYSTEM level are ineffective as they could be bypassed by malicious scripts via writing their own process memory on the Linux platform. Proof of concept code included.
a746a7f8973556b23ebea90b00627034fee20f44dce632fd39f31dcfa7483ceb