Comment to 'compromised ?'
  • My big concerns when seeing this were the following:

    - if someone can inject attachments into the post editor, then the aspect that is insecure needs to be discovered,

    because it may be possible to exercise privilege escalation and overload PHP via exec, and then start to traverse and modify the rest of the server,

    once it's hacked, it's hacked. It's hard to fix; you have to restore from backups on the back end, and it's ugly because code could be hiding ANYWHERE.
    - I've been leery of having PHP exec enabled, period, from day one, and wonder if UNA can run without PHP exec...