ID: 14370
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Apache related
Operating System: FreeBSD
PHP Version: 4.0.6
New Comment:
The following patch solves this bug by not exporting the PHP_AUTH_*
variables if safe_mode is set.
===8<
--- php-4.1.2/main/main.c.orig-securevars Mon Dec 17 22:19:51
2001
+++ php-4.1.2/main/main.c Mon Mar 11 07:34:40 2002
@@ -1031,10 +1031,10 @@
}
/* PHP Authentication support */
- if (SG(request_info).auth_user) {
+ if (!PG(safe_mode) && SG(request_info).auth_user) {
php_register_variable("PHP_AUTH_USER",
SG(request_info).auth_user, array_ptr TSRMLS_CC);
}
- if (SG(request_info).auth_password) {
+ if (!PG(safe_mode) && SG(request_info).auth_password) {
php_register_variable("PHP_AUTH_PW",
SG(request_info).auth_password, array_ptr TSRMLS_CC);
}
}
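Review bot: Both conditions test `!PG(safe_mode)`, but the report is about PHP_AUTH_PW being set while external (Apache) authentication is active, and nothing in this hunk checks for that. With safe_mode off the password is still registered under external authentication, and with safe_mode on a script that performs its own HTTP authentication loses both variables. Consider keying the check on whether the server handled the authentication, or state in the documentation that safe_mode now disables PHP_AUTH_USER and PHP_AUTH_PW entirely.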
Previous Comments:
[2002-03-11 07:36:53] [EMAIL PROTECTED]
The following patch solves this bug by not exporting the PHP_AUTH_*
variables when safe_mode is set.
===8<
--- php-4.1.2/main/main.c.orig-securevars Mon Dec 17 22:19:51
2001
+++ php-4.1.2/main/main.c Mon Mar 11 07:34:40 2002
@@ -1031,10 +1031,10 @@
}
/* PHP Authentication support */
- if (SG(request_info).auth_user) {
+ if (!PG(safe_mode) && SG(request_info).auth_user) {
php_register_variable("PHP_AUTH_USER",
SG(request_info).auth_user, array_ptr TSRMLS_CC);
}
- if (SG(request_info).auth_password) {
+ if (!PG(safe_mode) && SG(request_info).auth_password) {
php_register_variable("PHP_AUTH_PW",
SG(request_info).auth_password, array_ptr TSRMLS_CC);
}
}
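Review bot: The first `if` now suppresses PHP_AUTH_USER as well, although the report only concerns PHP_AUTH_PW, and scripts running under safe_mode may still need the user name. Suggest leaving the `auth_user` condition unchanged and gating only `auth_password`, and adding a short comment above the block explaining why safe_mode withholds the password.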
[2001-12-06 19:34:29] [EMAIL PROTECTED]
PHP_AUTH_PW is being improperly set when external authentication is active on Apache.
I have a directory structure that is protected via Apache authentication. According to the PHP documentation, the PHP_AUTH_PW should not be available when external authentication is in use. This is necessary for security concerns when you cannot trust the php applications. In any case, w/ php the AUTH_PW is being set at all times. Please fix, thanks!