PHP Safe Mode

Source: Internet
Author: User

Chapter 24. Safe Mode

Contents
Functions restricted or blocked by Safe Mode

PHP safe mode is an attempt to solve the shared-server security problem. Architecturally it is the wrong layer to solve this problem at, but because changing the web server layer or the operating system layer is rarely realistic, many people, ISPs in particular, use safe mode instead.


Table 24-1. Safe Mode configuration directives and their defaults

Directive                      Default
safe_mode                      off
safe_mode_gid                  0
safe_mode_include_dir          ""
safe_mode_exec_dir             1
open_basedir                   ""
safe_mode_allowed_env_vars     PHP_
safe_mode_protected_env_vars   LD_LIBRARY_PATH
disable_functions              ""


When safe_mode is set to on, PHP checks whether the owner of the current script matches the owner of the file that a file function is about to operate on. Example:

-rw-rw-r--  1 rasmus    33 Jul  1 19:20 script.php
-rw-r--r--  1 root    1116 May 26       /etc/passwd

Running script.php:

<?php
readfile('/etc/passwd');
?>

produces the following error when safe mode is active:

Warning: Safe mode restriction in effect. The script whose uid is 500 is not
allowed to access /etc/passwd owned by uid 0 in /docroot/script.php on line 2



There may also be environments in which a loose GID check is sufficient but a strict UID check is inappropriate. The safe_mode_gid option controls which check is performed: when set to on, the loose GID check is used; when set to off (the default), the UID check is used.
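The check described above can be reproduced in userland for hosts where safe_mode is unavailable. The following is an added example, not code from the PHP manual; the function names are hypothetical, and it assumes the semantics stated above: the owner of the script file (which is what getmyuid()/getmygid() report) is compared with the owner of the file, or, for a file that does not exist yet, with the owner of the directory it would be created in.

```php
<?php
// Added example (not from the PHP manual): a userland approximation of the
// ownership check safe_mode applied before a file function ran. Hypothetical
// helper names. getmyuid()/getmygid() return the uid/gid of the script file's
// owner, which is what safe_mode compared, not the web-server process uid.

function ownership_allows(string $path, bool $gidCheck = false): bool
{
    // A file that does not exist yet (about to be created) is judged by the
    // directory it would be created in, as safe_mode did.
    $target = file_exists($path) ? $path : dirname($path);
    if (!file_exists($target)) {
        return false;              // nothing to compare against: fail closed
    }
    clearstatcache(true, $target); // do not trust a cached stat of $target

    if ($gidCheck) {               // loose check: the safe_mode_gid=on variant
        return filegroup($target) === getmygid();
    }
    return fileowner($target) === getmyuid();  // strict UID check (default)
}

// Wrapper mirroring the behaviour described above: warn and refuse instead of
// reading a file whose owner differs from the script's owner.
function guarded_readfile(string $path, bool $gidCheck = false): ?string
{
    if (!ownership_allows($path, $gidCheck)) {
        trigger_error(sprintf(
            'The script whose uid is %d is not allowed to access %s owned by uid %d',
            getmyuid(), $path, (int) @fileowner($path)
        ), E_USER_WARNING);
        return null;
    }
    $data = file_get_contents($path);
    return $data === false ? null : $data;
}

// Demonstration with constructed input: a temp file created by this process.
// Run from the CLI by the script's own owner, process uid and script-owner uid
// coincide, so the strict check admits the file.
$own = tempnam(sys_get_temp_dir(), 'sm');
file_put_contents($own, "hello\n");
var_dump(guarded_readfile($own));

// /etc/passwd is owned by uid 0; unless the script owner is root this path is
// refused with a warning, mirroring the safe_mode message above.
var_dump(guarded_readfile('/etc/passwd'));

unlink($own);
```

Unlike safe_mode itself, a userland check only protects the code paths that call it; it is a complement to open_basedir or to running each customer's PHP under its own system user, not a replacement for either.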

Independently of safe_mode, setting the open_basedir option restricts all file operations to the directory you specify. Example (Apache configuration):

<Directory /docroot>
php_admin_value open_basedir /docroot
</Directory>

Running the same script.php with this open_basedir setting in place gives:

Warning: open_basedir restriction in effect. File is in wrong directory in
/docroot/script.php on line 2



You can also disable individual functions. Note that the disable_functions option can only be set in the php.ini file; that is, you cannot disable functions per virtual host or per directory in httpd.conf. If we add the following to php.ini:

disable_functions = readfile,system

we get the following output instead:

Warning: readfile() has been disabled for security reasons in
/docroot/script.php on line 2
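A script that may run under a disable_functions policy can find out which functions are usable before calling them. This is an added example, not from the PHP manual; the helper names are hypothetical, and it assumes only the directive described above and the ini_get() / function_exists() built-ins.

```php
<?php
// Added example (not from the PHP manual): runtime detection of functions
// removed by disable_functions. Hypothetical helper names.
//
//   ; php.ini (the directive is PHP_INI_SYSTEM: it cannot be changed with
//   ; ini_set(), from .htaccess, or from a script)
//   disable_functions = readfile,system
//
// Why not function_exists() alone? Up to PHP 7 a disabled function still
// "exists" and calling it emits the warning shown above; from PHP 8.0 it is
// removed entirely and calling it throws an Error. Reading the directive as
// well covers both behaviours.

function disabled_functions(): array
{
    $raw   = (string) ini_get('disable_functions');
    $names = array_filter(array_map('trim', explode(',', $raw)), 'strlen');
    return array_map('strtolower', array_values($names));
}

function is_usable(string $fn): bool
{
    return function_exists($fn)
        && !in_array(strtolower($fn), disabled_functions(), true);
}

// Usage: decide before calling, and fall back or report instead of tripping
// the warning (PHP 7) or the uncaught Error (PHP 8).
foreach (['readfile', 'system', 'strlen'] as $fn) {
    printf("%-10s %s\n", $fn, is_usable($fn) ? 'usable' : 'disabled or absent');
}
```

The directive is a literal list, not a family: `disable_functions = system` leaves exec(), passthru(), shell_exec(), popen() and proc_open() untouched, so list every function you intend to block. The backtick operator is implemented through shell_exec(), so disabling that function disables backticks as well.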



Functions restricted or blocked by Safe Mode

The following list of Safe Mode restrictions may be incomplete or incorrect.

Table 24-2. Functions restricted by Safe Mode

Function                         Restriction
dbmopen()                        Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
dbase_open()                     Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
filepro()                        Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
filepro_rowcount()               Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
filepro_retrieve()               Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
ifx_*()                          sql.safe_mode restriction (a separate directive, != safe_mode)
ingres_*()                       sql.safe_mode restriction (a separate directive, != safe_mode)
mysql_*()                        sql.safe_mode restriction (a separate directive, != safe_mode)
pg_loimport()                    Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
posix_mkfifo()                   Checks whether the directory being operated upon has the same UID (owner) as the script being executed.
putenv()                         Obeys the safe_mode_protected_env_vars and safe_mode_allowed_env_vars ini directives. See the putenv() function documentation.
move_uploaded_file()             Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
chdir()                          Checks whether the directory being operated upon has the same UID (owner) as the script being executed.
dl()                             This function is disabled in safe mode.
backtick operator                This operator is disabled in safe mode.
shell_exec()                     (functionally equivalent to backticks) Disabled in safe mode.
exec()                           You can only execute executables within safe_mode_exec_dir. For practical reasons it is currently not possible to have ".." components in the path to the executable.
system()                         You can only execute executables within safe_mode_exec_dir. For practical reasons it is currently not possible to have ".." components in the path to the executable.
passthru()                       You can only execute executables within safe_mode_exec_dir. For practical reasons it is currently not possible to have ".." components in the path to the executable.
popen()                          You can only execute executables within safe_mode_exec_dir. For practical reasons it is currently not possible to have ".." components in the path to the executable.
mkdir()                          Checks whether the directory being operated upon has the same UID (owner) as the script being executed.
rmdir()                          Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
rename()                         Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed.
unlink()                         Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed.
copy()                           Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed. (On source and target.)
chgrp()                          Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
chown()                          Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed.
chmod()                          Checks whether the file or directory being operated upon has the same UID (owner) as the script being executed. In addition, the SUID, SGID and sticky bits cannot be set.
touch()                          Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed.
symlink()                        Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed. (Note: only the target is checked.)
link()                           Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed. (Note: only the target is checked.)
getallheaders()                  In safe mode, headers beginning with "Authorization" (case-sensitive) are not returned. Warning: getallheaders() is not available under AOLserver!
header()                         In safe mode, if you set WWW-Authenticate, the UID of the current script is added to the realm part of the header.
highlight_file(), show_source()  Check whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed. (Note: only since version 4.2.1.)
parse_ini_file()                 Checks whether the file or directory being operated upon, and the directory it is in, have the same UID (owner) as the script being executed. (Note: only since version 4.2.1.)
Any function that uses php4/main/fopen_wrappers.c ??

