jeroen Wed Jul 11 18:09:41 2001 EDT
Modified files:
/phpdoc/en/features safe-mode.xml
/phpdoc/en language-snippets.ent
Log:
Updated safe-mode with list of functions.
This breaks ALL translations, because of a change in language-snippets.ent
Whould someone PLEASE correct this for every language? (and not only his
own)
Index: phpdoc/en/features/safe-mode.xml
diff -u phpdoc/en/features/safe-mode.xml:1.3 phpdoc/en/features/safe-mode.xml:1.4
--- phpdoc/en/features/safe-mode.xml:1.3 Tue Jul 10 17:12:59 2001
+++ phpdoc/en/features/safe-mode.xml Wed Jul 11 18:09:40 2001
@@ -1,3 +1,4 @@
+ <!-- $Revision: 1.4 $ -->
<chapter id="features.safe-mode">
<title>Safe mode</title>
@@ -66,6 +67,154 @@
/docroot/script.php on line 2
</programlisting>
</para>
+
+ <sect1 id="features.safe-mode.functions">
+ <title>Functions restricted/disabled by safe-mode</title>
+ <para>
+ This is a still probably incomplete and possibly incorrect listing
+ of the functions limited by
+ <link linkend="features.safe-mode">safe-mode</link>.
+ <!-- TODO: add ¬e.sm.*; to the functions mentioned here.
+ That entity should link to this section -->
+ <table>
+ <title>Safe-mode limited functions</title>
+ <tgroup cols="2">
+ <thead>
+ <row>
+ <entry>Function</entry>
+ <entry>Limitations</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry><function>dbmopen</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>dbase_open</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>filepro</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>filepro_rowcount</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>filepro_retrieve</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>imap_thread</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry><function>ifxus_tell_slob</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry><function>muscat_close</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry><function>pg_loimport</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>posix_mkfifo</function></entry>
+ <entry>&sm.uidcheck.dir;</entry>
+ </row>
+ <row>
+ <entry><function>putenv</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry><function>move_uploaded_file</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>chdir</function></entry>
+ <entry>&sm.uidcheck.dir;</entry>
+ </row>
+ <row>
+ <entry><function>dl</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry><function>shell_exec</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry><function>popen</function></entry>
+ <entry>&sm.uidcheck.dir; <!-- not sure!! --></entry>
+ </row>
+ <row>
+ <entry><function>mkdir</function></entry>
+ <entry>&sm.uidcheck.dir;</entry>
+ </row>
+ <row>
+ <entry><function>rmdir</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>rename</function></entry>
+ <entry>&sm.uidcheck; <!-- on the old name only, it seems --></entry>
+ </row>
+ <row>
+ <entry><function>unlink</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>copy</function></entry>
+ <entry>&sm.uidcheck; <!-- source AND target,should be noted --></entry>
+ </row>
+ <row>
+ <entry><function>chgrp</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>chown</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>chmod</function></entry>
+ <entry>&sm.uidcheck; <!-- there is more than this,
+ i believe you can't set the SUID/SGID/sticky bits? --></entry>
+ </row>
+ <row>
+ <entry><function>touch</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>symlink</function></entry>
+ <entry>&sm.uidcheck; <!-- only link-target, it seems? --></entry>
+ </row>
+ <row>
+ <entry><function>link</function></entry>
+ <entry>&sm.uidcheck; <!-- only link-target, it seems? --></entry>
+ </row>
+ <row>
+ <entry><function>ob_gzhandler</function></entry>
+ <entry>&sm.uidcheck;</entry>
+ </row>
+ <row>
+ <entry><function>getallheaders</function></entry>
+ <entry>??</entry>
+ </row>
+ <row>
+ <entry>Any function that uses
+ <filename>php4/main/fopen_wrappers.c</filename>
+ </entry>
+ <entry>??</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ </para>
+ </sect1>
+
</chapter>
<!-- Keep this comment at the end of the file
@@ -83,4 +232,5 @@
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
+vim: ts=1 sw=1 et syntax=sgml
-->
Index: phpdoc/en/language-snippets.ent
diff -u phpdoc/en/language-snippets.ent:1.5 phpdoc/en/language-snippets.ent:1.6
--- phpdoc/en/language-snippets.ent:1.5 Wed Jul 11 14:16:05 2001
+++ phpdoc/en/language-snippets.ent Wed Jul 11 18:09:40 2001
@@ -1,4 +1,4 @@
-<!-- $Id: language-snippets.ent,v 1.5 2001/07/11 18:16:05 jeroen Exp $ -->
+<!-- $Id: language-snippets.ent,v 1.6 2001/07/11 22:09:40 jeroen Exp $ -->
@@ -9,11 +9,30 @@
<!ENTITY return.success 'Returns &true; on succes, &false; on failure.'>
+<!-- Various notes -->
<!ENTITY note.not-bin-safe '<warning><simpara>This function is not (yet) binary
safe!</simpara></warning>'>
-
<!ENTITY note.bin-safe '<note><simpara>This function is binary-safe</simpara></note>'>
-
<!ENTITY note.no-windows '<note><simpara>This function is not implemented on
Windows-platforms</simpara></note>'>
-<!ENTITY note.no-safemode '<note><simpara>This function is disabled when safe-mode is
enabled.</simpara></note>'>
-<!ENTITY note.limited-safemode '<note><simpara>The behaviour of this function is
limited when safe-mode is enabled.</simpara></note>'>
+<!-- Notes for safe-mode limited functions: -->
+<!ENTITY note.sm.disabled '<note><simpara>&sm.disabled;</simpara></note>'>
+<!ENTITY note.sm.uidcheck '<note><simpara>When <link
+linkend="features.safe-mode">safe-mode</link> is enabled, PHP checks whether
+the file(s)/directories you are about to operate on, have the same UID as the
+script that is being executed.</simpara></note>'>
+<!ENTITY note.sm.uidcheck.dir '<note><simpara>When <link
+linkend="features.safe-mode">safe-mode</link> is enabled, PHP checks whether
+the directory in which you are about to operate, have the same UID as the
+script that is being executed.</simpara></note>'>
+
+<!-- Common pieces in features/safe-mode.xml
+ Jade doesn't allow in-line entities, so I put them here... Though they
+ should have been inline in safe-mode.xml -->
+<!ENTITY sm.uidcheck 'Checks whether the file(s)/directories you are
+about to operate on, have the same UID as the script that is being
+executed.'>
+<!ENTITY sm.uidcheck.dir 'Checks whether the directory in which
+you are about to operate, has the same UID as the script that is being
+executed.'>
+<!ENTITY sm.disabled 'This functions is disabled in <link
+linkend="features.safe-mode">safe-mode</link>'>
