On Mon, 2002-05-13 at 00:41, Ilia A. wrote: > > disable_functions = sleep > > Ah but you forgot usleep, and flock() and socket_set_limit etc... > Soon enough you'll disable every function.
Not likely, and I wouldn't disable every single function. You complained about the ability, I provided you with the way that YOU can disable it. You have to ask yourself why your user would need to be able to call sleep > And when you do, I'll still be able to deadlock a PHP process by making it > excute a query on a locked SQL table, thus end up waiting forever for the > lock to be e>leased. So, you'll need to disable all database functions from > your PHP. > Now you are really starting to stretch it. I am sure the ratio of customers that have db backends are much smaller than general webhosting customers In all of these scenarios, the webserver itself would just spawn another process, and the os would page the other one because it is not in use, and then eventually the webserver would log the problem. If you factor that in with a shared environment with multiple webservers and a load balance, your risk is pretty low. Even if someone did do something like that to kill all of your webservers, you would easily be able to find out who did it, and fix the abuser. > > > > > > > > The argument you make to remove safe mode because it is not perfect > > > > > > is unfounded. By the same argument you could say we shouldn't use > > > > > > locks on our doors, because hey "they can be picked". > > > > > > > > > > Safe mode is not only imperfect it does not even work properly. In > > > > > the last day and a half I've showed 5 bugs that allow it be bypassed, > > > > > simply take a look at the latest safe_mode bugs. > > > > > > > > Five, I only saw one. Regardless they can and should be fixed. > > > > > > Check again: > > > > > > Bug report #17168-69 > > > Bug report #17155-57 > > > > All of those regarding safe mode are fixed now. > > Really, you don't say... bug reports #17168-69 are still open at the time of > this message being written. And when they are closed, don't worry I'll have a > few more posted tommorow for your enjoyment... > > > It depends on why the lock is broken, you have been suggesting this > > whole time that safe mode is a DESIGN flaw. However, your reasoning is > > only BUILD flaws. I have yet to hear a single reason as to why the > > concept of extra uid, checks of files is a bad thing. > > It is not PHPs job as a scripting/programming language to do security. > security should/must be done at the OS and web server level. Checking uid is > STUPID, the simplest example, is that if you upload a php script and it > creates a file you can no longer read or write to that file even though you > have file permissions to do so. > File system permissions exist for a reason, use them. how are you planning on protecting your passwd file then? > If you have sensetive data, like credit card information and you are not using > a dedicated server to store that data then do be surprised to find your data > in someone elses hands. In a shared enviroment especially where > programming/scripting languages are avaliable it is merely a matter of time > before someone takes advantage of some security hole/oversight and grabs the > hold of your data. So then you are agreeing : ) > > There are problems here and you can be a bit more constructive, and send > > patches, offer new security techniques, report bugs. Exaggerating and > > cursing safe mode does nothing but waste time. > I am clearly demonstrating the problem and if you actually payed attention > instead of trying to pretend this problem did not exist, I am not, I am merely disagreeing that safe mode should be removed. I mean god man, if you hate safe mode so much turn it off. There are options you know, but just because you don't like it does not mean that everyone should not be able to use it. reporting bugs about > it. I'd gladly offer a patch that will get rid off safe_mode for the core php > tree if developers are willing to add it to the CVS :) Or you could try something more useful, like fixing a bug in safe mode, adding a new security feature, etc. etc. However, I suppose it is too difficult to come up with a constructive solution. > Safe mode wasteful and pointless this is no exageratio,n it makes development > in the "safe" enviroment pointlessly difficult and offers no real safety. > > Ilia Hmm, but you just said that a shared webhosting enviroment, by nature, has no real safety. Pointlesly difficult..... then safe mode must be doing something.... -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php
