On Tue, 2010-07-13 at 15:11 +0200, Vincenzo D'Amore wrote:
> thank you for reading my posts, *could anybody help me to
> understand why realpath cache is disabled if safe_mode or open_basedir are
> set?*
For security reasons.
Assume the following (simplified) code:
<?php
symlink('./bar', 'foo');
access_bar_in_some_way_to_get_it_cached();
unlink('bar');
symlink('/', 'bar');
do_bad_things_with_bar();
?>
and suddenly you've bypassed the check as for do_bad_things_with_bar()
the cached value is used. Now I hear you say "then invalidate the cache
entries" or something like that, but well, there are so many ways to
achieve such a result (including from outside PHP) that the check won't
be reliable in any way anymore.
That's the issue one has with security features on application level,
the operating system itself can implement it way more efficiently but
this doesn't (easily) work with a mod_php vhost config (solaris +
mod_privileges would be one way, probably linux + apparmor can do,
too ...)
johannes
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
