Maybe creating an php.ini option like "disable_ini" where the admin can list
the ini options that can be or cannot be set by users. Of course certain
options like "child_terminate" should be disabled by default.
Btw the "child_terminate" which allows the user to kill the current apache
child is setup in such a way that anyone can enable it. IMHO that is a very
bad idea, a user should not have the decision over their ability to terminate
apache children, this option should be for the admin alone.
Ilia
On May 12, 2002 05:36 pm, Rasmus Lerdorf wrote:
> Right, but it would seem like we need a bit of a general purpose check on
> ini_set() from userspace. There are probably other directives that we may
> not want to allow or at least want to check from safe_mode. But yes,
> that's the code I was looking at. I think we should apply the safe-mode
> restriction on the argument in the ini handler.
>
> -R
>
> On Mon, 13 May 2002, Zeev Suraski wrote:
> > We can check it at the ini handler level.
> >
> > We can either forbid modifying error_log from userspace (denying
> > PHP_INI_USER), deny it only in safe mode, or even apply the safe mode
> > restriction at that level.
> >
> > At 00:25 13/05/2002, Rasmus Lerdorf wrote:
> > >Not quite sure how to fix this one. It's not like we can simply check
> > >before we open the error_log file in general, because that might be set
> > >by the server admin, it is only if the user tries to redefine where this
> > >error logfile should be that we want to apply the safe-mode restriction.
> > >Even if we try to do everything in the VCWD stuff in 4.3 we will have to
> > >keep some sort of state that tells us who provided the error
> > >logfile pathname
> > >
> > >-Rasmus
> > >
> > >On 12 May 2002 [EMAIL PROTECTED] wrote:
> > > > From: [EMAIL PROTECTED]
> > > > Operating system: Linux 2.4.18
> > > > PHP version: 4.2.0
> > > > PHP Bug Type: Scripting Engine problem
> > > > Bug description: error_log can be used to bypass safe_mode
> > > >
> > > > By doing ini_set('error_log', 'any_path); The user can append data to
> > > > any file writeable by the webserver.
> > > > --
> > > > Edit bug report at http://bugs.php.net/?id=17168&edit=1
> > > > --
> > > > Fixed in CVS: http://bugs.php.net/fix.php?id=17168&r=fixedcvs
> > > > Fixed in release:
> > > > http://bugs.php.net/fix.php?id=17168&r=alreadyfixed Need backtrace:
> > > > http://bugs.php.net/fix.php?id=17168&r=needtrace Try newer
> > > > version: http://bugs.php.net/fix.php?id=17168&r=oldversion Not
> > > > developer issue: http://bugs.php.net/fix.php?id=17168&r=support
> > > > Expected behavior: http://bugs.php.net/fix.php?id=17168&r=notwrong
> > > > Not enough info:
> > > > http://bugs.php.net/fix.php?id=17168&r=notenoughinfo Submitted twice:
> > > > http://bugs.php.net/fix.php?id=17168&r=submittedtwice
> > > > register_globals: http://bugs.php.net/fix.php?id=17168&r=globals
> > >
> > >--
> > >PHP Development Mailing List <http://www.php.net/>
> > >To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
