ID: 8963
Updated by: [email]rasmusphp.net[/email]
Reported By: js at lsc dot hu
-Status: Open
+Status: Bogus
Bug Type: Feature/Change Request
Operating System: Linux Red Hat 7.0 / i386
PHP Version: 4.0.4pl1
New Comment:

Safe mode is gone now, so this doesn't apply anymore.


Previous Comments:
------------------------------------------------------------------------

[2001-01-28 18:07:35] [email]sniperphp.net[/email]

safe_mode has to be rewritten anyway..reclassified as feature/change
request.

--Jani

------------------------------------------------------------------------

[2001-01-28 05:36:44] js at lsc dot hu

When I set

include_path = ".:/usr/share/php"

to access shared libraries and

safe_mode = On

is set, users cannot use files in /usr/share/php, just because there're
userid check in main/fopen_wrappers.c. It means in safe mode you can
include files with the same owner userid only, as the controlling file
(eg. which contains that include or require).

My opinion: checks, mandatory blockings and security enhancements
should be distinguished via a new entry in php.ini.

Excerpt of my previous mail:

Check/block summary

env.var block:
- AUTHORIZATION (only in apache SAPI)
function block:
- dl
- set_time_limit
function restrictions:
- safe_mode_allowed_env_vars
- safe_mode_protected_env_vars
privileges
- sanity checks
mkdir, rmdir, rename, unlink, copy, chkgrp, chown, chmod, touch,
symlink, link, mkfifo, pg_loimport, filepro, filepro_rowcount,
filepro_retrieve, dbase_open, dbase_create, dbmopen
- special access permissions block
chmod
- userid checks
fopen

Conclusion

Some things are must-have in safe_mode, but I would put an own flag for
each type (well, the privilege sanity checks don't do any bad, so this
type doesn't need another flag).


------------------------------------------------------------------------


--
Edit this bug report at [url]http://bugs.php.net/?id=8963&edit=1[/url]