Newsgroups: php.internals
Xref: news.php.net php.internals:105610
Date: Tue, 7 May 2019 12:37:18 +0200
Subject: Re: [PHP-DEV] open_basedir?
From: arvids.godjuks@gmail.com (Arvids Godjuks)
To: Gert
Cc: Joe Watkins, Nikita Popov, PHP internals

Hello, as an end-user, I'd say that it should go the way of the dinosaurs as request globals and alike went - these days there are a lot of ways to do it better and way more securely. Makes it easier on everyone and removes abuse of it for security purposes.

Deprecate 7.4, dump it in 8.0. Implement a & b to warn people.

On Tue, 7 May 2019 at 12:25, Gert wrote:

> Hello,
>
> If the plan is to remove it in 8.0, then I'd say it's beneficial to already
> deprecate it in 7.4. This will give users an earlier warning that these
> upgrades need to happen.
>
> Cheers
>
> On Tue, 7 May 2019 at 12:18, Joe Watkins wrote:
>
> > Morning Nikita,
> >
> > It would be wise to do a) and b) regardless of whether it's going to be
> > removed.
> >
> > I think +1 on removing it in 8 ... I'm not sure if it should be deprecated
> > in 7.4 first, or how that would work?
> >
> > Cheers
> > Joe
> >
> > On Tue, 7 May 2019 at 12:11, Nikita Popov wrote:
> >
> > > Hi internals,
> > >
> > > The open_basedir ini setting has two significant problems:
> > >
> > > 1. It is a major performance hit, because it disables the realpath cache.
> > >
> > > 2. Many people think it is a security feature and use it as such. However,
> > > open_basedir is in reality a "best effort" mechanism, with known
> > > workarounds and more regularly being found. Especially when it comes to
> > > interactions with 3rd party libraries, enforcing open_basedir is simply
> > > impossible.
> > >
> > > What open_basedir tries to do must be implemented on the operating system
> > > level to work reliably (and of course such mechanisms exist, such as jails,
> > > chroot and friends).
> > >
> > > I wonder if it is feasible to drop this ini setting? Enforcing this doesn't
> > > really seem like any of PHP's business. If not, I think we need to at least
> > >
> > > a) make it clear in the documentation that this is *not* a security option
> > > and only exists to prevent "accidents" and
> > > b) update the security policy (https://wiki.php.net/security) to state that
> > > open_basedir bypasses are not security issues. I believe this has been part
> > > of Debian's security policy for some time already.
> > >
> > > Regards,
> > > Nikita

-- 
Arvīds Godjuks

+371 26 851 664
arvids.godjuks@gmail.com
Skype: psihius
Telegram: @psihius https://t.me/psihius
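
Before open_basedir can be retired in favour of OS-level confinement, as the thread proposes, an operator needs an inventory of where it is set. The following is an added example, not part of the original messages and not PHP project code: it scans configuration text for the three common ways the directive is set. The function names and sample configs are constructed for illustration, and Unix-style `:` path lists are assumed.

```python
import re

# Where the directive is commonly set (Unix ':' path separator assumed):
#   php.ini / .user.ini : open_basedir = /a:/b
#   php-fpm pool file   : php_admin_value[open_basedir] = /a:/b
#   Apache config       : php_admin_value open_basedir "/a:/b"
PATTERNS = [
    ("fpm-pool", re.compile(r"^php_(?:admin_)?value\[open_basedir\]\s*=\s*(.*)$")),
    ("apache", re.compile(r"^php_(?:admin_)?value\s+open_basedir\s+(.*)$")),
    ("ini", re.compile(r"^open_basedir\s*=\s*(.*)$")),
]

def find_open_basedir(name, text):
    """Return one finding per active open_basedir directive in a config text."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in ";#":          # ini / Apache comment lines
            continue
        for kind, pattern in PATTERNS:
            m = pattern.match(line)
            if not m:
                continue
            value = m.group(1)
            if kind != "apache":
                value = value.split(";", 1)[0]   # drop trailing ini comment
            value = value.strip().strip("\"'")
            if kind == "apache" and value.lower() == "none":
                value = ""                       # Apache syntax for clearing a value
            paths = [p for p in value.split(":") if p]
            if paths:                            # empty value means no restriction
                findings.append({"file": name, "line": lineno,
                                 "kind": kind, "paths": paths})
            break
    return findings

def audit(configs):
    """Scan a {filename: text} mapping and collect all findings in order."""
    return [f for name, text in configs.items() for f in find_open_basedir(name, text)]

# Constructed sample configs (not taken from any real system).
SAMPLES = {
    "php.ini": "; open_basedir = /old\nopen_basedir = /var/www/app:/tmp\n"
               "realpath_cache_size = 4096K\n",
    "pool.d/site.conf": "[site]\nphp_admin_value[open_basedir] = /srv/site ; per-pool\n",
    "vhost.conf": "<VirtualHost *:80>\n  php_admin_value open_basedir \"/srv/a:/srv/b\"\n"
                  "  php_admin_value open_basedir none\n</VirtualHost>\n",
}

if __name__ == "__main__":
    for f in audit(SAMPLES):
        print(f"{f['file']}:{f['line']} [{f['kind']}] restricts to {f['paths']}")
```

Each finding marks a site that relies on open_basedir and, per the thread, runs without the realpath cache; those are the candidates for chroot, jail or similar OS-level confinement.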