Does enabling shell_exec in php.ini always pose a security risk? Or can it be done safely?