Here is the patch against current CVS. Use: cd php4; patch -p0 <php-safe-gid.diff -James CITS / Web Developer The University of Vermont On Mon, 9 Jul 2001, Rasmus Lerdorf wrote: > Could you recreate this patch against current CVS? > I think it is a good idea, but your patch doesn't work at all against the > current code. > > Instructions about getting the code from CVS can be found here: > > http://php.net/anoncvs.php > > -Rasmus > > On Mon, 9 Jul 2001, James E. Flemer wrote: > > > This is a patch against php-4.0.4pl1. > > > > Description: > > In Safe Mode, when opening files the UID of the script > > owner and the UID of the destination file are compared. In > > some circumstances it is desired that this check be relaxed > > to a GID compare. The attached patch adds a php ini > > directive "safe_mode_gid" (boolean, default: Off). When > > this is On, a GID compare is performed if the UID compare > > fails. > > Additionally this patch adds a new PHP function > > getmygid(), which returns the GID of the executing script > > (see getmyuid()). > > > > Author: > > James Flemer <[EMAIL PROTECTED]> > > CITS / Web Developer > > The University of Vermont > > > > [ Please CC me in all replies, I am not subscribed to the list. ] > > > > Thanks, > > -James > > >
Index: php.ini-dist =================================================================== RCS file: /repository/php4/php.ini-dist,v retrieving revision 1.86 diff -u -r1.86 php.ini-dist --- php.ini-dist 2001/07/04 03:53:12 1.86 +++ php.ini-dist 2001/07/09 16:23:57 @@ -111,6 +111,11 @@ ; safe_mode = Off +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +safe_mode_gid = Off + ; When safe_mode is on, only executables located in the safe_mode_exec_dir ; will be allowed to be executed via the exec family of functions. safe_mode_exec_dir = Index: php.ini-optimized =================================================================== RCS file: /repository/php4/php.ini-optimized,v retrieving revision 1.40 diff -u -r1.40 php.ini-optimized --- php.ini-optimized 2001/06/24 22:40:41 1.40 +++ php.ini-optimized 2001/07/09 16:23:57 @@ -81,6 +81,10 @@ ; Safe Mode safe_mode = Off +safe_mode_gid = Off + ; By default, Safe Mode does a UID compare + + ; check when opening files. If you want to + + ; relax this to a GID compare, then turn on + + ; safe_mode_gid. safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ ; Setting certain environment variables ; may be a potential security breach. Index: ext/standard/basic_functions.c =================================================================== RCS file: /repository/php4/ext/standard/basic_functions.c,v retrieving revision 1.357 diff -u -r1.357 basic_functions.c --- ext/standard/basic_functions.c 2001/07/09 10:20:40 1.357 +++ ext/standard/basic_functions.c 2001/07/09 16:24:03 @@ -268,6 +268,7 @@ #endif PHP_FE(getmyuid, NULL) + PHP_FE(getmygid, + NULL) PHP_FE(getmypid, NULL) PHP_FE(getmyinode, NULL) PHP_FE(getlastmod, NULL) 
@@ -846,6 +847,7 @@ BG(mmap_file) = NULL; #endif BG(page_uid) = -1; + BG(page_gid) = -1; BG(page_inode) = -1; BG(page_mtime) = -1; #ifdef HAVE_PUTENV Index: ext/standard/basic_functions.h =================================================================== RCS file: /repository/php4/ext/standard/basic_functions.h,v retrieving revision 1.80 diff -u -r1.80 basic_functions.h --- ext/standard/basic_functions.h 2001/05/22 19:19:04 1.80 +++ ext/standard/basic_functions.h 2001/07/09 16:24:03 @@ -155,6 +155,7 @@ /* pageinfo.c */ long page_uid; + long page_gid; long page_inode; long page_mtime; Index: ext/standard/pageinfo.c =================================================================== RCS file: /repository/php4/ext/standard/pageinfo.c,v retrieving revision 1.23 diff -u -r1.23 pageinfo.c --- ext/standard/pageinfo.c 2001/06/06 13:05:51 1.23 +++ ext/standard/pageinfo.c 2001/07/09 16:24:03 @@ -49,9 +49,10 @@ pstat = sapi_get_stat(); - if (BG(page_uid)==-1) { + if (BG(page_uid)==-1 || BG(page_gid)==-1) { if(pstat) { BG(page_uid) = pstat->st_uid; + BG(page_gid) = pstat->st_gid; BG(page_inode) = pstat->st_ino; BG(page_mtime) = pstat->st_mtime; } @@ -70,6 +71,14 @@ } /* }}} */ +long php_getgid(void) +{ + BLS_FETCH(); + + php_statpage(BLS_C); + return (BG(page_gid)); +} + /* {{{ proto int getmyuid(void) Get PHP script owner's UID */ PHP_FUNCTION(getmyuid) @@ -81,6 +90,21 @@ RETURN_FALSE; } else { RETURN_LONG(uid); + } +} +/* }}} */ + +/* {{{ proto int getmygid(void) + Get PHP script owner's GID */ +PHP_FUNCTION(getmygid) +{ + long gid; + + gid = php_getgid(); + if (gid < 0) { + RETURN_FALSE; + } else { + RETURN_LONG(gid); } } /* }}} */ Index: ext/standard/pageinfo.h =================================================================== RCS file: /repository/php4/ext/standard/pageinfo.h,v retrieving revision 1.6 diff -u -r1.6 pageinfo.h --- ext/standard/pageinfo.h 2001/02/26 06:07:23 1.6 +++ ext/standard/pageinfo.h 2001/07/09 16:24:03 
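Review bot: `php_getgid()` in the `@@ -70,6 +71,14 @@` hunk of pageinfo.c is added with no header comment, while the `getmyuid`/`getmygid` functions right below it carry `/* {{{ proto ... */` headers; a one-line comment such as `/* GID of the script file, or -1 if the page has not been stat'ed successfully */` would make the `-1` that `getmygid()` turns into FALSE explicit, and if `php_getuid()` carries fold markers the new helper should mirror them. In the `@@ -49,9 +49,10 @@` hunk the widened guard `if (BG(page_uid)==-1 || BG(page_gid)==-1)` only gates the refill of the cached fields after the unconditional `sapi_get_stat()`, so when `pstat` is NULL both slots presumably stay -1 on every call, which appears to be the pre-existing behaviour for `page_uid`; worth a short comment on the line saying the two caches are filled together. `php_statpage()` begins before the first hunk.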
@@ -22,10 +22,12 @@ #define PAGEINFO_H PHP_FUNCTION(getmyuid); +PHP_FUNCTION(getmygid); PHP_FUNCTION(getmypid); PHP_FUNCTION(getmyinode); PHP_FUNCTION(getlastmod); extern long php_getuid(void); +extern long php_getgid(void); #endif Index: main/main.c =================================================================== RCS file: /repository/php4/main/main.c,v retrieving revision 1.371 diff -u -r1.371 main.c --- main/main.c 2001/07/02 18:17:09 1.371 +++ main/main.c 2001/07/09 16:24:04 @@ -213,6 +213,7 @@ STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_ALL, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_globals", "1", PHP_INI_ALL, OnUpdateBool, register_globals, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, safe_mode, php_core_globals, core_globals) + STD_PHP_INI_BOOLEAN("safe_mode_gid", "0", +PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid, + php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("short_open_tag",DEFAULT_SHORT_OPEN_TAG, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags, zend_compiler_globals, compiler_globals) STD_PHP_INI_BOOLEAN("sql.safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("track_errors", "0", PHP_INI_ALL, OnUpdateBool, track_errors, php_core_globals, core_globals) Index: main/php_globals.h =================================================================== RCS file: /repository/php4/main/php_globals.h,v retrieving revision 1.63 diff -u -r1.63 php_globals.h --- main/php_globals.h 2001/04/04 20:46:26 1.63 +++ main/php_globals.h 2001/07/09 16:24:07 
@@ -68,6 +68,7 @@ zend_bool implicit_flush; zend_bool safe_mode; + zend_bool safe_mode_gid; zend_bool sql_safe_mode; zend_bool enable_dl; Index: main/safe_mode.c =================================================================== RCS file: /repository/php4/main/safe_mode.c,v retrieving revision 1.30 diff -u -r1.30 safe_mode.c --- main/safe_mode.c 2001/06/06 13:05:53 1.30 +++ main/safe_mode.c 2001/07/09 16:24:07 @@ -29,6 +29,7 @@ #include "ext/standard/pageinfo.h" #include "safe_mode.h" #include "SAPI.h" +#include "php_globals.h" /* @@ -46,7 +47,7 @@ { struct stat sb; int ret; - long uid=0L, duid=0L; + long uid=0L, gid=0L, duid=0L, dgid=0L; char *s; if (!filename) { @@ -120,6 +121,8 @@ } if (duid == (uid=php_getuid())) { return 1; + } else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) { + return 1; } else { SLS_FETCH(); @@ -129,7 +132,11 @@ } } - php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid); + if (PG(safe_mode_gid)) { + php_error(E_WARNING, "SAFE MODE Restriction in effect. The +script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid +%ld/%ld", uid, gid, filename, duid, dgid); + } else { + php_error(E_WARNING, "SAFE MODE Restriction in effect. The +script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, +duid); + } return 0; } }
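Review bot: `dgid` is compared against `php_getgid()` in the `@@ -120,6 +121,8 @@` hunk of safe_mode.c, but nothing in the patch assigns it: the `@@ -46,7 +47,7 @@` hunk only initialises it to `0L`, and no hunk touches the stretch where `duid` is filled from the file's stat, so at the compare `dgid` is still 0. The GID fallback therefore never matches a file's real group, while a script file whose own group is 0 would satisfy `dgid == gid` for every `filename` and be granted access regardless of the target's ownership — the reverse of what the php.ini comment promises. The missing line belongs next to the existing `duid` assignment outside these hunks, `dgid = sb.st_gid;`, and it is worth confirming that the `-1` a failed `php_getgid()` returns cannot compare equal to `dgid`, mirroring whatever the `uid` path already does. As pasted, the two long `php_error` lines in the `@@ -129,7 +132,11 @@` hunk are wrapped with a `+` on the continuation (`+script whose uid/gid is ...`), which would not apply cleanly and is presumably a mail-client artifact. The enclosing function starts and ends outside the hunks.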