Hi,

On Sat, Jun 08, 2002 at 06:22:29AM -0400, Rob Richards wrote:
> I have a few questions about correctly implementing safe_mode, open_basedir
> and allow_url checks within an extension.
> Probably an easy question, but I have seen it implemented in various ways in
> different extensions and want to make sure i implement this correctly.
>
> allow_url checks:
> is there a standard function which produces an error if not allowed, or
> do I just handle this within the extension after testing with
> PG(allow_url_fopen)?

In CVS HEAD we've a new, generic implementation called
'streams'. The streams implementation takes care of this. See
main/streams.c in locate_url_wrapper (which is called when
you create a new stream):

    if (wrapper && wrapper->is_url && !PG(allow_url_fopen)) {
        zend_error(E_WARNING, "URL file-access is disabled in the server configuration");
        return NULL;
    }

Practically, there's no documentation about streams except
some mail Wez sent to php-dev@ a few weeks (months?) ago (and
the sources, of course), I hope you can find it in the
archives.

> safe_mode:
> this is done by testing both php_check_safe_mode_include_dir and
> php_checkuid if safe_mode is enabled, correct?
>
> open_basedir:
> this is just done with php_check_open_basedir?

I leave this open as I'm not an expert in this field. The current
implementation seems to call php_checkuid first and then
php_check_open_basedir (grep for the functions in
ext/standard/* ).

- Markus
--
GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc
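
Added example, not part of the message above and not taken from the PHP sources: a stand-alone C model of the check order the reply describes, with the URL gate first, then an owner check standing in for php_checkuid, then a resolved-path containment check standing in for php_check_open_basedir. All struct, enum and function names are hypothetical, and the owner and prefix logic are simplified assumptions rather than PHP's implementation.

```c
#define _XOPEN_SOURCE 700
#include <ctype.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical names throughout; this models the check order, not PHP's code. */
enum verdict { ALLOW, DENY_URL, DENY_RESOLVE, DENY_UID, DENY_BASEDIR };

struct policy {
    int allow_url_fopen;      /* models PG(allow_url_fopen) */
    int safe_mode;            /* models PG(safe_mode) */
    uid_t script_uid;         /* owner the target must match in safe mode */
    const char *open_basedir; /* NULL means no restriction */
};

/* "scheme://" with an alphanumeric scheme counts as a URL. */
static int is_url(const char *s) {
    const char *p = s;
    while (isalnum((unsigned char)*p)) p++;
    return p != s && strncmp(p, "://", 3) == 0;
}

/* Owner of a path, or (uid_t)-1 if it cannot be stat'ed. */
uid_t owner_of(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? st.st_uid : (uid_t)-1;
}

/* Compare canonical paths on a component boundary so /tmpfoo != /tmp. */
static int inside(const char *resolved, const char *basedir) {
    char base[PATH_MAX];
    if (!realpath(basedir, base)) return 0;
    size_t n = strlen(base);
    if (n == 1) return 1; /* base is "/" */
    return strncmp(resolved, base, n) == 0 &&
           (resolved[n] == '/' || resolved[n] == '\0');
}

enum verdict check_access(const struct policy *pol, const char *target) {
    char resolved[PATH_MAX];
    if (is_url(target))                        /* URL gate comes first */
        return pol->allow_url_fopen ? ALLOW : DENY_URL;
    if (!realpath(target, resolved)) return DENY_RESOLVE;
    if (pol->safe_mode && owner_of(resolved) != pol->script_uid)
        return DENY_UID;                       /* owner check, then ... */
    if (pol->open_basedir && !inside(resolved, pol->open_basedir))
        return DENY_BASEDIR;                   /* ... directory containment */
    return ALLOW;
}
```

Resolving the path before the containment test is what makes a target such as "/usr/.." fail against a base directory of "/usr".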