Here is the patch against current CVS.
Use:
cd php4; patch -p0 <php-safe-gid.diff
-James
CITS / Web Developer
The University of Vermont
On Mon, 9 Jul 2001, Rasmus Lerdorf wrote:
> Could you recreate this patch against current CVS?
> I think it is a good idea, but your patch doesn't work at all against the
> current code.
>
> Instructions about getting the code from CVS can be found here:
>
> http://php.net/anoncvs.php
>
> -Rasmus
>
> On Mon, 9 Jul 2001, James E. Flemer wrote:
>
> > This is a patch against php-4.0.4pl1.
> >
> > Description:
> > In Safe Mode, when opening files the UID of the script
> > owner and the UID of the destination file are compared. In
> > some circumstances it is desired that this check be relaxed
> > to a GID compare. The attached patch adds a php ini
> > directive "safe_mode_gid" (boolean, default: Off). When
> > this is On, a GID compare is performed if the UID compare
> > fails.
> > Additionally this patch adds a new PHP function
> > getmygid(), which returns the GID of the executing script
> > (see getmyuid()).
> >
> > Author:
> > James Flemer <[EMAIL PROTECTED]>
> > CITS / Web Developer
> > The University of Vermont
> >
> > [ Please CC me in all replies, I am not subscribed to the list. ]
> >
> > Thanks,
> > -James
> >
>
Index: php.ini-dist
===================================================================
RCS file: /repository/php4/php.ini-dist,v
retrieving revision 1.86
diff -u -r1.86 php.ini-dist
--- php.ini-dist 2001/07/04 03:53:12 1.86
+++ php.ini-dist 2001/07/09 16:23:57
@@ -111,6 +111,11 @@
;
safe_mode = Off
+; By default, Safe Mode does a UID compare check when
+; opening files. If you want to relax this to a GID compare,
+; then turn on safe_mode_gid.
+safe_mode_gid = Off
+
; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir =
Index: php.ini-optimized
===================================================================
RCS file: /repository/php4/php.ini-optimized,v
retrieving revision 1.40
diff -u -r1.40 php.ini-optimized
--- php.ini-optimized 2001/06/24 22:40:41 1.40
+++ php.ini-optimized 2001/07/09 16:23:57
@@ -81,6 +81,10 @@
; Safe Mode
safe_mode = Off
+safe_mode_gid = Off
+ ; By default, Safe Mode does a UID compare
+
+ ; check when opening files. If you want to
+
+ ; relax this to a GID compare, then turn on
+
+ ; safe_mode_gid.
safe_mode_exec_dir =
safe_mode_allowed_env_vars = PHP_ ; Setting
certain environment variables
; may be a potential security breach.
Index: ext/standard/basic_functions.c
===================================================================
RCS file: /repository/php4/ext/standard/basic_functions.c,v
retrieving revision 1.357
diff -u -r1.357 basic_functions.c
--- ext/standard/basic_functions.c 2001/07/09 10:20:40 1.357
+++ ext/standard/basic_functions.c 2001/07/09 16:24:03
@@ -268,6 +268,7 @@
#endif
PHP_FE(getmyuid,
NULL)
+ PHP_FE(getmygid,
+ NULL)
PHP_FE(getmypid,
NULL)
PHP_FE(getmyinode,
NULL)
PHP_FE(getlastmod,
NULL)
@@ -846,6 +847,7 @@
BG(mmap_file) = NULL;
#endif
BG(page_uid) = -1;
+ BG(page_gid) = -1;
BG(page_inode) = -1;
BG(page_mtime) = -1;
#ifdef HAVE_PUTENV
Index: ext/standard/basic_functions.h
===================================================================
RCS file: /repository/php4/ext/standard/basic_functions.h,v
retrieving revision 1.80
diff -u -r1.80 basic_functions.h
--- ext/standard/basic_functions.h 2001/05/22 19:19:04 1.80
+++ ext/standard/basic_functions.h 2001/07/09 16:24:03
@@ -155,6 +155,7 @@
/* pageinfo.c */
long page_uid;
+ long page_gid;
long page_inode;
long page_mtime;
Index: ext/standard/pageinfo.c
===================================================================
RCS file: /repository/php4/ext/standard/pageinfo.c,v
retrieving revision 1.23
diff -u -r1.23 pageinfo.c
--- ext/standard/pageinfo.c 2001/06/06 13:05:51 1.23
+++ ext/standard/pageinfo.c 2001/07/09 16:24:03
@@ -49,9 +49,10 @@
pstat = sapi_get_stat();
- if (BG(page_uid)==-1) {
+ if (BG(page_uid)==-1 || BG(page_gid)==-1) {
if(pstat) {
BG(page_uid) = pstat->st_uid;
+ BG(page_gid) = pstat->st_gid;
BG(page_inode) = pstat->st_ino;
BG(page_mtime) = pstat->st_mtime;
}
@@ -70,6 +71,14 @@
}
/* }}} */
+long php_getgid(void)
+{
+ BLS_FETCH();
+
+ php_statpage(BLS_C);
+ return (BG(page_gid));
+}
+
/* {{{ proto int getmyuid(void)
Get PHP script owner's UID */
PHP_FUNCTION(getmyuid)
@@ -81,6 +90,21 @@
RETURN_FALSE;
} else {
RETURN_LONG(uid);
+ }
+}
+/* }}} */
+
+/* {{{ proto int getmygid(void)
+ Get PHP script owner's GID */
+PHP_FUNCTION(getmygid)
+{
+ long gid;
+
+ gid = php_getgid();
+ if (gid < 0) {
+ RETURN_FALSE;
+ } else {
+ RETURN_LONG(gid);
}
}
/* }}} */
Index: ext/standard/pageinfo.h
===================================================================
RCS file: /repository/php4/ext/standard/pageinfo.h,v
retrieving revision 1.6
diff -u -r1.6 pageinfo.h
--- ext/standard/pageinfo.h 2001/02/26 06:07:23 1.6
+++ ext/standard/pageinfo.h 2001/07/09 16:24:03
@@ -22,10 +22,12 @@
#define PAGEINFO_H
PHP_FUNCTION(getmyuid);
+PHP_FUNCTION(getmygid);
PHP_FUNCTION(getmypid);
PHP_FUNCTION(getmyinode);
PHP_FUNCTION(getlastmod);
extern long php_getuid(void);
+extern long php_getgid(void);
#endif
Index: main/main.c
===================================================================
RCS file: /repository/php4/main/main.c,v
retrieving revision 1.371
diff -u -r1.371 main.c
--- main/main.c 2001/07/02 18:17:09 1.371
+++ main/main.c 2001/07/09 16:24:04
@@ -213,6 +213,7 @@
STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_ALL,
OnUpdateBool, register_argc_argv,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("register_globals", "1", PHP_INI_ALL,
OnUpdateBool, register_globals,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("safe_mode", "0",
PHP_INI_SYSTEM, OnUpdateBool, safe_mode,
php_core_globals, core_globals)
+ STD_PHP_INI_BOOLEAN("safe_mode_gid", "0",
+PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid,
+ php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("short_open_tag",DEFAULT_SHORT_OPEN_TAG,
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags,
zend_compiler_globals, compiler_globals)
STD_PHP_INI_BOOLEAN("sql.safe_mode", "0",
PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("track_errors", "0",
PHP_INI_ALL, OnUpdateBool, track_errors,
php_core_globals, core_globals)
Index: main/php_globals.h
===================================================================
RCS file: /repository/php4/main/php_globals.h,v
retrieving revision 1.63
diff -u -r1.63 php_globals.h
--- main/php_globals.h 2001/04/04 20:46:26 1.63
+++ main/php_globals.h 2001/07/09 16:24:07
@@ -68,6 +68,7 @@
zend_bool implicit_flush;
zend_bool safe_mode;
+ zend_bool safe_mode_gid;
zend_bool sql_safe_mode;
zend_bool enable_dl;
Index: main/safe_mode.c
===================================================================
RCS file: /repository/php4/main/safe_mode.c,v
retrieving revision 1.30
diff -u -r1.30 safe_mode.c
--- main/safe_mode.c 2001/06/06 13:05:53 1.30
+++ main/safe_mode.c 2001/07/09 16:24:07
@@ -29,6 +29,7 @@
#include "ext/standard/pageinfo.h"
#include "safe_mode.h"
#include "SAPI.h"
+#include "php_globals.h"
/*
@@ -46,7 +47,7 @@
{
struct stat sb;
int ret;
- long uid=0L, duid=0L;
+ long uid=0L, gid=0L, duid=0L, dgid=0L;
char *s;
if (!filename) {
@@ -120,6 +121,8 @@
}
if (duid == (uid=php_getuid())) {
return 1;
+ } else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) {
+ return 1;
} else {
SLS_FETCH();
@@ -129,7 +132,11 @@
}
}
- php_error(E_WARNING, "SAFE MODE Restriction in effect. The script
whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);
+ if (PG(safe_mode_gid)) {
+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The
+script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid
+%ld/%ld", uid, gid, filename, duid, dgid);
+ } else {
+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The
+script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename,
+duid);
+ }
return 0;
}
}
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
