This is a patch against php-4.0.4pl1.
Description:
In Safe Mode, when opening files the UID of the script
owner and the UID of the destination file are compared. In
some circumstances it is desired that this check be relaxed
to a GID compare. The attached patch adds a php ini
directive "safe_mode_gid" (boolean, default: Off). When
this is On, a GID compare is performed if the UID compare
fails.
Additionally this patch adds a new PHP function
getmygid(), which returns the GID of the executing script
(see getmyuid()).
Author:
James Flemer <[EMAIL PROTECTED]>
CITS / Web Developer
The University of Vermont
[ Please CC me in all replies, I am not subscribed to the list. ]
Thanks,
-James
--- php-4.0.4pl1/FUNCTION_LIST.txt 2001/07/09 15:11:32 1.1
+++ php-4.0.4pl1/FUNCTION_LIST.txt 2001/07/09 15:10:27
@@ -83,6 +83,7 @@
get_current_user
getmyuid
+ getmygid
getmypid
u getmyinode
getlastmod
--- php-4.0.4pl1/php.ini-dist 2001/07/09 15:12:08 1.1
+++ php-4.0.4pl1/php.ini-dist 2001/07/09 15:15:27
@@ -90,6 +90,10 @@
; Safe Mode
safe_mode = Off
+safe_mode_gid = Off
+ ; By default, Safe Mode does a UID compare
+
+ ; check when opening files. If you want to
+
+ ; relax this to a GID compare, then turn on
+
+ ; safe_mode_gid.
safe_mode_exec_dir =
safe_mode_allowed_env_vars = PHP_ ; Setting
certain environment variables
; may be a potential security breach.
--- php-4.0.4pl1/php.ini-optimized 2001/07/09 15:12:11 1.1
+++ php-4.0.4pl1/php.ini-optimized 2001/07/09 15:15:37
@@ -77,6 +77,10 @@
; Safe Mode
safe_mode = Off
+safe_mode_gid = Off
+ ; By default, Safe Mode does a UID compare
+
+ ; check when opening files. If you want to
+
+ ; relax this to a GID compare, then turn on
+
+ ; safe_mode_gid.
safe_mode_exec_dir =
safe_mode_allowed_env_vars = PHP_ ; Setting
certain environment variables
; may be a potential security breach.
--- php-4.0.4pl1/main/main.c 2001/07/08 20:53:18 1.1
+++ php-4.0.4pl1/main/main.c 2001/07/09 00:27:42
@@ -228,6 +228,7 @@
STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_ALL,
OnUpdateBool, register_argc_argv,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("register_globals", "1", PHP_INI_ALL,
OnUpdateBool, register_globals,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("safe_mode", "0",
PHP_INI_SYSTEM, OnUpdateBool, safe_mode,
php_core_globals, core_globals)
+ STD_PHP_INI_BOOLEAN("safe_mode_gid", "0",
+PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid,
+ php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("short_open_tag", "1",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags,
zend_compiler_globals, compiler_globals)
STD_PHP_INI_BOOLEAN("sql.safe_mode", "0",
PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("track_errors", "0",
PHP_INI_ALL, OnUpdateBool, track_errors,
php_core_globals, core_globals)
--- php-4.0.4pl1/main/php_globals.h 2001/07/08 20:53:18 1.1
+++ php-4.0.4pl1/main/php_globals.h 2001/07/09 00:17:38
@@ -63,6 +63,7 @@
zend_bool implicit_flush;
zend_bool safe_mode;
+ zend_bool safe_mode_gid;
zend_bool sql_safe_mode;
zend_bool enable_dl;
--- php-4.0.4pl1/main/safe_mode.c 2001/07/09 00:28:46 1.1
+++ php-4.0.4pl1/main/safe_mode.c 2001/07/09 00:38:21
@@ -29,6 +29,7 @@
#include "ext/standard/pageinfo.h"
#include "safe_mode.h"
#include "SAPI.h"
+#include "php_globals.h"
/*
@@ -46,7 +47,7 @@
{
struct stat sb;
int ret;
- long uid=0L, duid=0L;
+ long uid=0L, gid=0L, duid=0L, dgid=0L;
char *s;
if (!filename) {
@@ -120,8 +121,14 @@
}
if (duid == (uid=php_getuid())) {
return 1;
+ } else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) {
+ return 1;
} else {
- php_error(E_WARNING, "SAFE MODE Restriction in effect. The script
whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);
+ if (PG(safe_mode_gid)) {
+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The
+script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid
+%ld/%ld", uid, gid, filename, duid, dgid);
+ } else {
+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The
+script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename,
+duid);
+ }
return 0;
}
}
--- php-4.0.4pl1/ext/standard/basic_functions.c 2001/07/09 00:44:00 1.1
+++ php-4.0.4pl1/ext/standard/basic_functions.c 2001/07/09 00:45:44
@@ -243,6 +243,7 @@
#endif
PHP_FE(getmyuid,
NULL)
+ PHP_FE(getmygid,
+ NULL)
PHP_FE(getmypid,
NULL)
PHP_FE(getmyinode,
NULL)
PHP_FE(getlastmod,
NULL)
@@ -785,6 +786,7 @@
BG(array_walk_func_name) = NULL;
BG(incomplete_class) = NULL;
BG(page_uid) = -1;
+ BG(page_gid) = -1;
BG(page_inode) = -1;
BG(page_mtime) = -1;
#ifdef HAVE_PUTENV
--- php-4.0.4pl1/ext/standard/basic_functions.h 2001/07/09 00:43:58 1.1
+++ php-4.0.4pl1/ext/standard/basic_functions.h 2001/07/09 00:45:08
@@ -158,6 +158,7 @@
/* pageinfo.c */
long page_uid;
+ long page_gid;
long page_inode;
long page_mtime;
--- php-4.0.4pl1/ext/standard/pageinfo.c 2001/07/09 00:39:29 1.1
+++ php-4.0.4pl1/ext/standard/pageinfo.c 2001/07/09 00:46:35
@@ -47,9 +47,10 @@
pstat = sapi_get_stat();
- if (BG(page_uid)==-1) {
+ if (BG(page_uid)==-1 || BG(page_gid)==-1) {
if(pstat) {
BG(page_uid) = pstat->st_uid;
+ BG(page_gid) = pstat->st_gid;
BG(page_inode) = pstat->st_ino;
BG(page_mtime) = pstat->st_mtime;
}
@@ -64,6 +65,14 @@
return (BG(page_uid));
}
+long php_getgid(void)
+{
+ BLS_FETCH();
+
+ php_statpage(BLS_C);
+ return (BG(page_gid));
+}
+
/* {{{ proto int getmyuid(void)
Get PHP script owner's UID */
PHP_FUNCTION(getmyuid)
@@ -75,6 +84,21 @@
RETURN_FALSE;
} else {
RETURN_LONG(uid);
+ }
+}
+/* }}} */
+
+/* {{{ proto int getmygid(void)
+ Get PHP script owner's GID */
+PHP_FUNCTION(getmygid)
+{
+ long gid;
+
+ gid = php_getgid();
+ if (gid < 0) {
+ RETURN_FALSE;
+ } else {
+ RETURN_LONG(gid);
}
}
/* }}} */
--- php-4.0.4pl1/ext/standard/pageinfo.h 2001/07/09 00:39:31 1.1
+++ php-4.0.4pl1/ext/standard/pageinfo.h 2001/07/09 00:42:16
@@ -22,10 +22,12 @@
#define PAGEINFO_H
PHP_FUNCTION(getmyuid);
+PHP_FUNCTION(getmygid);
PHP_FUNCTION(getmypid);
PHP_FUNCTION(getmyinode);
PHP_FUNCTION(getlastmod);
extern long php_getuid(void);
+extern long php_getgid(void);
#endif
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
