This is a patch against php-4.0.4pl1. Description: In Safe Mode, when opening files the UID of the script owner and the UID of the destination file are compared. In some circumstances it is desired that this check be relaxed to a GID compare. The attached patch adds a php ini directive "safe_mode_gid" (boolean, default: Off). When this is On, a GID compare is performed if the UID compare fails. Additionally this patch adds a new PHP function getmygid(), which returns the GID of the executing script (see getmyuid()). Author: James Flemer <[EMAIL PROTECTED]> CITS / Web Developer The University of Vermont [ Please CC me in all replies, I am not subscribed to the list. ] Thanks, -James
--- php-4.0.4pl1/FUNCTION_LIST.txt 2001/07/09 15:11:32 1.1
+++ php-4.0.4pl1/FUNCTION_LIST.txt 2001/07/09 15:10:27
@@ -83,6 +83,7 @@
get_current_user getmyuid + getmygid getmypid u getmyinode getlastmod
--- php-4.0.4pl1/php.ini-dist 2001/07/09 15:12:08 1.1
+++ php-4.0.4pl1/php.ini-dist 2001/07/09 15:15:27
@@ -90,6 +90,10 @@
; Safe Mode safe_mode = Off +safe_mode_gid = Off + ; By default, Safe Mode does a UID compare + + ; check when opening files. If you want to + + ; relax this to a GID compare, then turn on + + ; safe_mode_gid. safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ ; Setting certain environment variables ; may be a potential security breach.
--- php-4.0.4pl1/php.ini-optimized 2001/07/09 15:12:11 1.1
+++ php-4.0.4pl1/php.ini-optimized 2001/07/09 15:15:37
@@ -77,6 +77,10 @@
; Safe Mode safe_mode = Off +safe_mode_gid = Off + ; By default, Safe Mode does a UID compare + + ; check when opening files. If you want to + + ; relax this to a GID compare, then turn on + + ; safe_mode_gid. safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ ; Setting certain environment variables ; may be a potential security breach.
--- php-4.0.4pl1/main/main.c 2001/07/08 20:53:18 1.1
+++ php-4.0.4pl1/main/main.c 2001/07/09 00:27:42
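Review bot: The comment added beside `safe_mode_gid` in php.ini-dist (and the identical text in php.ini-optimized) says the check can be relaxed but not what an administrator gives up by doing so. Going by the patch description, with the directive On a script whose UID compare fails is still allowed to open any file whose group matches the script file's group, so on a host where many accounts share one group the owner check no longer separates them. I would add a line to both files such as `; Enable only if each account's files have their own group.`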
@@ -228,6 +228,7 @@
STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_ALL, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_globals", "1", PHP_INI_ALL, OnUpdateBool, register_globals, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, safe_mode, php_core_globals, core_globals)
+ STD_PHP_INI_BOOLEAN("safe_mode_gid", "0", +PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid, + php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("short_open_tag", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags, zend_compiler_globals, compiler_globals) STD_PHP_INI_BOOLEAN("sql.safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("track_errors", "0", PHP_INI_ALL, OnUpdateBool, track_errors, php_core_globals, core_globals)
--- php-4.0.4pl1/main/php_globals.h 2001/07/08 20:53:18 1.1
+++ php-4.0.4pl1/main/php_globals.h 2001/07/09 00:17:38
@@ -63,6 +63,7 @@
zend_bool implicit_flush; zend_bool safe_mode;
+ zend_bool safe_mode_gid;
zend_bool sql_safe_mode; zend_bool enable_dl;
--- php-4.0.4pl1/main/safe_mode.c 2001/07/09 00:28:46 1.1
+++ php-4.0.4pl1/main/safe_mode.c 2001/07/09 00:38:21
@@ -29,6 +29,7 @@
#include "ext/standard/pageinfo.h" #include "safe_mode.h" #include "SAPI.h"
+#include "php_globals.h"
/*
@@ -46,7 +47,7 @@
{ struct stat sb; int ret;
- long uid=0L, duid=0L;
+ long uid=0L, gid=0L, duid=0L, dgid=0L;
char *s; if (!filename) {
@@ -120,8 +121,14 @@
} if (duid == (uid=php_getuid())) { return 1;
+ } else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) {
+ return 1;
} else {
- php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);
+ if (PG(safe_mode_gid)) {
+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The +script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid +%ld/%ld", uid, gid, filename, duid, dgid);
+ } else {
+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The +script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, +duid);
+ }
return 0; } }
--- php-4.0.4pl1/ext/standard/basic_functions.c 2001/07/09 00:44:00 1.1
+++ php-4.0.4pl1/ext/standard/basic_functions.c 2001/07/09 00:45:44
@@ -243,6 +243,7 @@
#endif PHP_FE(getmyuid, NULL)
+ PHP_FE(getmygid, + NULL)
PHP_FE(getmypid, NULL) PHP_FE(getmyinode, NULL) PHP_FE(getlastmod, NULL)
@@ -785,6 +786,7 @@
BG(array_walk_func_name) = NULL; BG(incomplete_class) = NULL; BG(page_uid) = -1;
+ BG(page_gid) = -1;
BG(page_inode) = -1; BG(page_mtime) = -1; #ifdef HAVE_PUTENV
--- php-4.0.4pl1/ext/standard/basic_functions.h 2001/07/09 00:43:58 1.1
+++ php-4.0.4pl1/ext/standard/basic_functions.h 2001/07/09 00:45:08
@@ -158,6 +158,7 @@
/* pageinfo.c */ long page_uid;
+ long page_gid;
long page_inode; long page_mtime;
--- php-4.0.4pl1/ext/standard/pageinfo.c 2001/07/09 00:39:29 1.1
+++ php-4.0.4pl1/ext/standard/pageinfo.c 2001/07/09 00:46:35
@@ -47,9 +47,10 @@
pstat = sapi_get_stat();
- if (BG(page_uid)==-1) {
+ if (BG(page_uid)==-1 || BG(page_gid)==-1) {
if(pstat) { BG(page_uid) = pstat->st_uid;
+ BG(page_gid) = pstat->st_gid;
BG(page_inode) = pstat->st_ino; BG(page_mtime) = pstat->st_mtime; }
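Review bot: In main/safe_mode.c the new branch `dgid == (gid=php_getgid())` in the `@@ -120,8 +121,14 @@` hunk compares against a `dgid` that none of the three safe_mode.c hunks assigns; it is declared as `dgid=0L` in the `@@ -46,7 +47,7 @@` hunk and stays 0. As posted, with safe_mode_gid On the group check therefore does not look at the target's real group at all: it succeeds whenever the script file's group is GID 0 and fails otherwise. The assignment of `duid` lies outside the hunks (presumably taken from `sb` after the stat call), so I would add `dgid = sb.st_gid;` next to each place `duid` is set. Any other uid comparison in this function that is outside the hunks would need the same `PG(safe_mode_gid)` branch to behave consistently; the function body starts and ends outside the hunk.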
@@ -64,6 +65,14 @@
return (BG(page_uid)); }
+long php_getgid(void)
+{
+ BLS_FETCH();
+
+ php_statpage(BLS_C);
+ return (BG(page_gid));
+}
+
/* {{{ proto int getmyuid(void) Get PHP script owner's UID */ PHP_FUNCTION(getmyuid)
@@ -75,6 +84,21 @@
RETURN_FALSE; } else { RETURN_LONG(uid);
+ }
+}
+/* }}} */
+
+/* {{{ proto int getmygid(void)
+ Get PHP script owner's GID */
+PHP_FUNCTION(getmygid)
+{
+ long gid;
+
+ gid = php_getgid();
+ if (gid < 0) {
+ RETURN_FALSE;
+ } else {
+ RETURN_LONG(gid);
} } /* }}} */
--- php-4.0.4pl1/ext/standard/pageinfo.h 2001/07/09 00:39:31 1.1
+++ php-4.0.4pl1/ext/standard/pageinfo.h 2001/07/09 00:42:16
@@ -22,10 +22,12 @@
#define PAGEINFO_H PHP_FUNCTION(getmyuid);
+PHP_FUNCTION(getmygid);
PHP_FUNCTION(getmypid); PHP_FUNCTION(getmyinode); PHP_FUNCTION(getlastmod); extern long php_getuid(void);
+extern long php_getgid(void);
#endif
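Review bot: `php_getgid()` in the `@@ -64,6 +65,14 @@` hunk of pageinfo.c is added without a comment, and its failure value matters to the safe-mode caller. `BG(page_gid)` is initialised to -1 in basic_functions.c and, in the part of the stat routine visible in this patch, is only overwritten inside `if(pstat)`, so the function can return -1. `getmygid()` tests for that with `gid < 0`, while the comparison added in safe_mode.c uses the value unchecked. I would document the contract above the definition with `/* Returns the GID of the executing script's file, or -1 if it could not be stat()ed. */`.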