Maybe creating an php.ini option like "disable_ini" where the admin can list the ini options that can be or cannot be set by users. Of course certain options like "child_terminate" should be disabled by default. Btw the "child_terminate" which allows the user to kill the current apache child is setup in such a way that anyone can enable it. IMHO that is a very bad idea, a user should not have the decision over their ability to terminate apache children, this option should be for the admin alone.
Ilia On May 12, 2002 05:36 pm, Rasmus Lerdorf wrote: > Right, but it would seem like we need a bit of a general purpose check on > ini_set() from userspace. There are probably other directives that we may > not want to allow or at least want to check from safe_mode. But yes, > that's the code I was looking at. I think we should apply the safe-mode > restriction on the argument in the ini handler. > > -R > > On Mon, 13 May 2002, Zeev Suraski wrote: > > We can check it at the ini handler level. > > > > We can either forbid modifying error_log from userspace (denying > > PHP_INI_USER), deny it only in safe mode, or even apply the safe mode > > restriction at that level. > > > > At 00:25 13/05/2002, Rasmus Lerdorf wrote: > > >Not quite sure how to fix this one. It's not like we can simply check > > >before we open the error_log file in general, because that might be set > > >by the server admin, it is only if the user tries to redefine where this > > >error logfile should be that we want to apply the safe-mode restriction. > > >Even if we try to do everything in the VCWD stuff in 4.3 we will have to > > >keep some sort of state that tells us who provided the error > > >logfile pathname > > > > > >-Rasmus > > > > > >On 12 May 2002 [EMAIL PROTECTED] wrote: > > > > From: [EMAIL PROTECTED] > > > > Operating system: Linux 2.4.18 > > > > PHP version: 4.2.0 > > > > PHP Bug Type: Scripting Engine problem > > > > Bug description: error_log can be used to bypass safe_mode > > > > > > > > By doing ini_set('error_log', 'any_path); The user can append data to > > > > any file writeable by the webserver. > > > > -- > > > > Edit bug report at http://bugs.php.net/?id=17168&edit=1 > > > > -- > > > > Fixed in CVS: http://bugs.php.net/fix.php?id=17168&r=fixedcvs > > > > Fixed in release: > > > > http://bugs.php.net/fix.php?id=17168&r=alreadyfixed Need backtrace: > > > > http://bugs.php.net/fix.php?id=17168&r=needtrace Try newer > > > > version: http://bugs.php.net/fix.php?id=17168&r=oldversion Not > > > > developer issue: http://bugs.php.net/fix.php?id=17168&r=support > > > > Expected behavior: http://bugs.php.net/fix.php?id=17168&r=notwrong > > > > Not enough info: > > > > http://bugs.php.net/fix.php?id=17168&r=notenoughinfo Submitted twice: > > > > http://bugs.php.net/fix.php?id=17168&r=submittedtwice > > > > register_globals: http://bugs.php.net/fix.php?id=17168&r=globals > > > > > >-- > > >PHP Development Mailing List <http://www.php.net/> > > >To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php