Thanks sara for responding. Will write a snippet to address this and get back to you.
With regards Kamesh Jayachandran On Thu, 11 Aug 2005 07:52:56 -0700, "Sara Golemon" <[EMAIL PROTECTED]> said: > > Version PHP 5.1 > > file main/php_init.c > > function int php_init_config() uses realpath. > > In NetWare our earlier releases of LibC SDK has no realpath > > implementation. > > > > I could see the following lines in TSRM/tsrm_virtual_cwd.c > > > > #ifndef HAVE_REALPATH > > #define realpath(x,y) strcpy(y,x) > > #endif > > > > Why not this be in TSRM/tsrm_virtual_cwd.h so that it will work in all > > the cases. > > > > Can I go ahead and checkin this? > > > I have two concerns with this "solution" (both here and in TSRM). > > (1) Security: Both internally with checks such as open_basedir and in > userspace when evaluating URL parameters (an all too common practice). > > (2) Functionality: require_once()/include_once() could be fooled into > including the same file twice. > > Granted #2 requires specific circumstances and #1 can be worked around > for > tightly managed systems running no external packages. > > How about a more expensive, but more closely aproximating substitute to > satisfy all of these? > > /* psuedo-code */ > #ifndef HAVE_REALPATH > realpath(...) { > itterate path from root: > if symlink, resolve > if dir, append next portion of remaining path > otherwise, ergh...whatever realpath() would do in this situation... > loop > } > #endif > -- http://www.fastmail.fm - IMAP accessible web-mail -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php