Re: [PHP-DEV] safe_mode redesign

2001-02-04 Thread Sander Steffann

Hi Jason,

I also have some ideas how to improve safe_mode:

- Being able to limit the hosts/ports the socket/mysql/fopen/etc functions
can connect to. I have seen a few cases where a PHP user used the socket
calls to send spam to a mailserver. He/she deleted the script afterwards,
and nobody was able to find out who sent the spam...

- Extend the functionality of open_basedir. This could be used for the
virtual-chroot / shared directories you mentioned.

- I can imagine that the configuration files can become very large when you
want different limits for different groups of users. So maybe a way to make
'shortcuts' for certain settings? For example something like:

php_admin_var  basic_dirs   /var/www/shared:...:...:...
php_admin_var  db_users     /var/www/db:/usr/local/php/:...:...
php_admin_var  power_users  $db_users:/var/www/power:...


php_admin_value  open_basedir  $basic_dirs



php_admin_value  open_basedir  $basic_dirs:$db_users



php_admin_value  open_basedir  $basic_dirs:$power_users


This could make managing a lot of virtual hosts very easy.

Just some ideas. I don't know yet how much time I can set aside to help on
implementing security features...
Sander.

- Original Message -
From: "Jason Greene" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, February 01, 2001 9:53 PM
Subject: [PHP-DEV] safe_mode redesign


> Is anyone up for a discussion on the redesign of safe_mode? I would like
> to start working on this sometime soon, and I have a lot of
> ideas, but I know this is going to be something of a large debate.
>
> Some of the new features I think would benefit php include:
>
> * safe_mode_hide_env_vars - will allow extra protection on removing
> environmental vars from hosted users (I actually have a patch
> for this but I have been waiting on it to discuss the redesign)
>
> * User configurable policy - safe_mode could have configuration directives
> to specify exactly what checks are desired
>
> * Virtual Chroot - the ability to perform a chroot to a virtual host
> directory structure, so that a hosted user can not access
> anything outside of their directory structure.
>
> * Shared Directories - The ability to specify a list of paths that are
> shared amongst all hosted users. This would allow certain
> extensions (gd, oracle, etc) the ability to access the needed datafiles
> without failing a safe_mode check.
>
> Any comments, suggestions, other ideas?
>
> -Jason
>
>
> --
> PHP Development Mailing List <http://www.php.net/>
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
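
The shortcut idea from the reply above, modelled as an added example (not code from the thread or from PHP): it expands nested `$name` references in an open_basedir list and checks a path against the result. `php_admin_var` is the poster's proposed, hypothetical directive; the sample paths, function names and the fail-closed and whole-component rules are assumptions of this sketch.

```python
import posixpath
import re

# Constructed sample in the syntax proposed above. php_admin_var is the
# poster's hypothetical directive; the paths are made up for illustration.
SAMPLE = """\
php_admin_var basic_dirs  /var/www/shared:/usr/share/fonts
php_admin_var db_users    /var/www/db:/usr/local/php
php_admin_var power_users $db_users:/var/www/power
"""
VAR_REF = re.compile(r"^\$([A-Za-z_][A-Za-z0-9_]*)$")


def parse_vars(text):
    """Collect NAME -> raw colon-separated value from php_admin_var lines."""
    table = {}
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) == 3 and parts[0] == "php_admin_var":
            table[parts[1]] = parts[2].strip()
    return table


def expand(value, table, active=()):
    """Expand $name entries into a flat, de-duplicated list of directories."""
    dirs = []
    for entry in filter(None, value.split(":")):
        ref = VAR_REF.match(entry)
        if ref:
            name = ref.group(1)
            if name in active or name not in table:
                # Fail closed: a cyclic or undefined shortcut is a config error.
                raise ValueError("bad shortcut: $" + name)
            found = expand(table[name], table, active + (name,))
        elif entry.startswith("/"):
            found = [posixpath.normpath(entry)]
        else:
            raise ValueError("not an absolute path: " + entry)
        for d in found:
            if d not in dirs:
                dirs.append(d)
    return dirs


def allowed(path, basedirs):
    """True if the lexically normalised path lies inside one base directory."""
    # Whole-component match; symlinks are not resolved in this lexical model.
    path = posixpath.normpath(path)
    return any(path == b or path.startswith(b.rstrip("/") + "/") for b in basedirs)
```

Matching on whole path components keeps `/var/www/db` from also admitting a sibling such as `/var/www/db_backup`, and rejecting unknown shortcuts keeps a typo from silently changing the allowed list.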






Re: [PHP-DEV] safe_mode redesign

2001-02-02 Thread php4

Addressed to: "Jason Greene" <[EMAIL PROTECTED]>
  <[EMAIL PROTECTED]>

** Reply to note from "Jason Greene" <[EMAIL PROTECTED]> Thu, 1 Feb 2001 14:53:12 -0600
>   
> * Shared Directories - The ability to specify a list of paths that
> are shared amongst all hosted users. This would allow certain
> extensions (gd, oracle, etc) the ability to access the needed
> datafiles without failing a safe_mode check.
>   

please, Please PLEASE include this idea!  I have a strong need for a
system wide shared code repository for PHP.




Rick Widmer
Internet Marketing Specialists
http://www.developersdesk.com





[PHP-DEV] safe_mode redesign

2001-02-01 Thread Jason Greene

Is anyone up for a discussion on the redesign of safe_mode? I would like to
start working on this sometime soon, and I have a lot of ideas, but I know
this is going to be something of a large debate.

Some of the new features I think would benefit php include:

* safe_mode_hide_env_vars - will allow extra protection on removing
environmental vars from hosted users (I actually have a patch for this but
I have been waiting on it to discuss the redesign)

* User configurable policy - safe_mode could have configuration directives
to specify exactly what checks are desired

* Virtual Chroot - the ability to perform a chroot to a virtual host
directory structure, so that a hosted user can not access anything outside
of their directory structure.

* Shared Directories - The ability to specify a list of paths that are
shared amongst all hosted users. This would allow certain extensions (gd,
oracle, etc) the ability to access the needed datafiles without failing a
safe_mode check.

Any comments, suggestions, other ideas?

-Jason

