On 26 Mar 2012, at 17:41, Alex Pojarsky wrote:
> Now, as the issue addressed and script removed, can you please explain
> what exactly are the issues of using such approach? I mean security
> ones, not performance.

It's the wrong solution to a process and organisation problem. Ultimately it's
not really a problem IF you control every part of the infrastructure. Rene
clearly doesn't so it has implications for everyone sharing that
infrastructure, and anyone using the applications hosted there.

* It requires the host to enable allow_url_fopen which means every single
script on the server is then able to include/require URLs. It just needs one of
them to have a related vulnerability and suddenly people can execute arbitrary
PHP code on the server.

* Rene mentioned that the code is open source. This implies that the security
risk is lessened because the code that is being made publicly accessible is
already publicly accessible, so the opportunity for someone to find
vulnerabilities already exists. It gets an order of magnitude worse if other
people start ignorantly using his code because they're essentially giving him
the ability to execute arbitrary PHP code on their server. Not good no matter
how much he protests that he won't "be evil."

* You specifically wished to exclude performance from the discussion, but
scalability is potentially a big issue here and should not be completely

I think the real issue for Rene is that of perceived complexity. The idea of
having to manually keep many copies of the same code in sync is what leads to
finding solutions like this one. This solution leads to unnecessary network
traffic and introduces potential security risks that go way beyond your own
code, and even if it's not a big issue now it has the potential to become

I'd put a fair amount of cash on my guess that Rene is not using any form of
source control. To me that is the best solution to this problem. Curtis
mentioned rsync which will also do the job, but in my view you're nuts if
you're not using some form of source control already, and building a largely
automated process around that is trivial and automatically audited.

Rene: please read a book / website / something on PHP security. Some things are
important whether you believe they are or not.

PHP General Mailing List (http://www.php.net/)
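As an added illustration of the allow_url_fopen point in the reply above (example code written for this page, not from the thread or from anyone in it): a PHP loader that refuses to start while remote includes are enabled and only ever includes files from one fixed local directory, so a user-controlled module name can never turn into a URL or a path outside that directory. `MODULE_DIR`, `assert_no_remote_includes` and `safe_include` are assumed names.

```php
<?php
// Added example, not code from the mailing-list thread.
declare(strict_types=1);

const MODULE_DIR = __DIR__ . '/modules';   // assumed local module directory

// Since PHP 5.2, include/require of URLs is controlled by allow_url_include
// (which itself needs allow_url_fopen). The reply above treats allow_url_fopen
// as the switch; checking both covers either configuration. Refuse to run if
// either is on, so a vulnerable include elsewhere cannot pull in remote code.
function assert_no_remote_includes(): void
{
    foreach (['allow_url_include', 'allow_url_fopen'] as $setting) {
        if (filter_var(ini_get($setting), FILTER_VALIDATE_BOOLEAN)) {
            throw new RuntimeException("$setting is enabled; refusing to start");
        }
    }
}

// Map a module name onto a file under MODULE_DIR. The name pattern excludes
// every stream-wrapper prefix (http://, data:, phar://, ...) and every
// traversal sequence; realpath() then confirms the resolved file really
// sits inside the module directory.
function safe_include(string $name): void
{
    if (!preg_match('/^[A-Za-z0-9_]{1,64}$/', $name)) {
        throw new InvalidArgumentException('invalid module name');
    }
    $base = realpath(MODULE_DIR);
    $path = realpath(MODULE_DIR . '/' . $name . '.php');
    // realpath() returns false for missing files and collapses any ../ parts
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('module not found');
    }
    require $path;
}

assert_no_remote_includes();
safe_include($_GET['page'] ?? 'home');
```

Keeping a copy of the shared code in each deployment under source control, as the reply recommends, is what makes this strict local-only loader workable.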