Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:124820
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by qa.php.net (Postfix) with ESMTPS id DF3951A00B7
	for <internals@lists.php.net>; Wed,  7 Aug 2024 11:02:20 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1723028642; bh=zH1YpIXHbzywM+kQfNRst9TUoDUklTZGhkHhlggvy+c=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=ZihcBFlrBsbizFtbBu+XQrSwBJpoUSsF8QeVonMEwo12lxfobHHjkLfwjqc+wT5Di
	 5YKY8Mm+yiG2aCogSW8JYx5CXvJW6miGGqZ5JNeMRo5gQE2fffdAHLX5IpKz3aeyGM
	 YJCUUA9C85eoVXCZsO+pppocTkSpCJme+pQZIaMEbg/Kbpm4nMSazfMcJKPsgpg+5B
	 xuVuDy3vkKQN+u1xjAly1MJDPUVvA4TL9BXRmsOCb5SIkSZehbZiL3UNJ/3e64yK60
	 X4SAutqZTsEi04VuM9J6spIzOLJ2KZNTK23jF2Zv+wxOU3Wn1lNh8e17R1LebKZwjg
	 50rL0TKSlkdfg==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id C34B118004A
	for <internals@lists.php.net>; Wed,  7 Aug 2024 11:04:01 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,FREEMAIL_FROM,
	HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,
	SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=4.0.0
X-Spam-Virus: No
X-Envelope-From: <pierre.php@gmail.com>
Received: from mail-pj1-f53.google.com (mail-pj1-f53.google.com [209.85.216.53])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed,  7 Aug 2024 11:04:01 +0000 (UTC)
Received: by mail-pj1-f53.google.com with SMTP id 98e67ed59e1d1-2cb4c584029so1306600a91.3
        for <internals@lists.php.net>; Wed, 07 Aug 2024 04:02:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1723028538; x=1723633338; darn=lists.php.net;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=KfZ0b27MsDYQ1aTTEAre65h3LlsCBRTykcy8zQUGlqM=;
        b=bP8aomhqBEsYfUt4C4vkPQouNrvIf9dSKhdkzVSFOUZmkwGbAf0gHeZFh3btfLAvtq
         s1se5WO+Y4JeE3LnR/VP50xomcvUlkBB1PTzPCdyDophJ2Jc4yCfV0iHntjuvXfLPWKW
         4VpAhsdJcQvDNg73ARchm9IX7o7gV53wHZbFaF8MOdIP42N76B8fkNaAZ5vYiACuIa0j
         YivAocmjOj/XW3anzwYMBOvJO20+jCs9FS7JlBldYbe1H6IfoQEU7DzvwV7AOIBcfM8c
         WhIYokUQ3q1Y0q9hFauPvVg2OAKDEraght8191I92t+1U8JCo7MWfuqMiasGbfG0Vy6r
         0Q5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1723028538; x=1723633338;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=KfZ0b27MsDYQ1aTTEAre65h3LlsCBRTykcy8zQUGlqM=;
        b=itwjsD9cjKKsyeyRoad2sNBn1J+ylYjOyQFo5zNigP41DDRYhvt5LwFpDAGYrd6HpH
         zaTLPRd4JshEmJTB5yDGkDOzEXqp4CzJlboixAPz1uwQ2I9UbzgXfzlbTOVho5W7rPjB
         OJRmOc2UtcmyW4l8leJfd6SQzwVTZH62eyxSKvrTdj/e+XoAywuFlD5AlhbUTSderaoD
         HCQeEsGSeohlBqm0OYF+XIKuJB/Ml5uN5TD9+N4G+TIYLcZjBuE2UqVxzRZUW+vXs12+
         IuH08PGY/3YCbu4Yy4Eb/OJttTvs6jlSq0qhRsyRvBoQf+YoGLptf9FDufavVv0wXIQi
         9MwQ==
X-Gm-Message-State: AOJu0Ywo5SMNyaJJdi4+aGYj+UJX5AWpbP6/JEouTmb/O6+SwO57VzAt
	FBPBJj44GZdSrq54vcHD2A8NCetJWfProwLTJQXfYvcMsMwTy7SQmyXR9TfT2WYoLjf29OSui+e
	l5/CgF0wcDRzyxaDpeI+sTpybs21ILbI+
X-Google-Smtp-Source: AGHT+IG0x6g7pcn6akBGdQVEEa6MxcCgLiJXc45NY36Q9JVOImzZzATJfW+z0SnP6CHf3CrOOrTx/B+j/J7MkRce1r8=
X-Received: by 2002:a17:90b:38cd:b0:2c9:63a4:a138 with SMTP id
 98e67ed59e1d1-2cff9412bb4mr16612784a91.11.1723028538050; Wed, 07 Aug 2024
 04:02:18 -0700 (PDT)
Precedence: bulk
list-help: <mailto:internals+help@lists.php.net
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: internals.lists.php.net
x-ms-reactions: disallow
MIME-Version: 1.0
References: <e08f6af322dcc5b4e4dd5e772f28be07ffa07ba4.camel@ageofdream.com>
 <c510eb675bd0038efbbe5489bebd42ff7438e967.camel@ageofdream.com>
 <7d9a9752-a202-4099-a60a-2686d4265d96@gmail.com> <ffc9c850-06f1-4937-be55-b9e2cc614dfb@app.fastmail.com>
In-Reply-To: <ffc9c850-06f1-4937-be55-b9e2cc614dfb@app.fastmail.com>
Date: Wed, 7 Aug 2024 18:02:06 +0700
Message-ID: <CAEZPtU4-Qtvx_OkKtM45erUtemjJeHA=qVkpBid1pX0sO=SKPg@mail.gmail.com>
Subject: Re: [PHP-DEV] [Discussion] Sandbox API
To: Rob Landers <rob@bottled.codes>
Cc: PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000f2d12f061f15d7a7"
From: pierre.php@gmail.com (Pierre Joye)

--000000000000f2d12f061f15d7a7
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, Aug 7, 2024, 2:11=E2=80=AFAM Rob Landers <rob@bottled.codes> wrote:

>
> I find this assertion kind of scary from a shared hosting perspective or
> even from a 3v4l kind of perspective. How do these services protect
> themselves if php is inherently insecure?
>

php is not inherently insecure. not even remotely and quite the opposite.

Shared hosting is.

This is issue is not specific to php, almost all languages out there will
have the same memory (or else) challenges.

Crypto apis or similar features requiring high level of safety for the data
use various technics to mitigate it (zeroing after use, decrypt mem on
demand only etc).

A bit off topic but with the solutions out there for vps, etc, shared
hosting for anything requiring data safety should be avoided like the pest.


About this feature, it looks, at a first glance,  like an advanced complex
version of safe mode/open base dir, with the additional features. I never
ever had to mock core functions for testing, I would think about a design
issue if it is needed.


But I may be wrong, that would not be a first  :)


cheers,
Pierre

--000000000000f2d12f061f15d7a7
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"auto"><div><br><br><div class=3D"gmail_quote"><div dir=3D"ltr" =
class=3D"gmail_attr">On Wed, Aug 7, 2024, 2:11=E2=80=AFAM Rob Landers &lt;r=
ob@bottled.codes&gt; wrote:</div><blockquote class=3D"gmail_quote" style=3D=
"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><=
br></div><div>I find this assertion kind of scary from a shared hosting per=
spective or even from a 3v4l kind of perspective. How do these services pro=
tect themselves if php is inherently insecure?</div></div></blockquote></di=
v></div><div dir=3D"auto"><br></div><div dir=3D"auto">php is not inherently=
 insecure. not even remotely and quite the opposite.</div><div dir=3D"auto"=
><br></div><div dir=3D"auto">Shared hosting is.</div><div dir=3D"auto"><br>=
</div><div dir=3D"auto">This is issue is not specific to php, almost all la=
nguages out there will have the same memory (or else) challenges.</div><div=
 dir=3D"auto"><br></div><div dir=3D"auto">Crypto apis or similar features r=
equiring high level of safety for the data use various technics to mitigate=
 it (zeroing after use, decrypt mem on demand only etc).</div><div dir=3D"a=
uto"><br></div><div dir=3D"auto">A bit off topic but with the solutions out=
 there for vps, etc, shared hosting for anything requiring data safety shou=
ld be avoided like the pest.=C2=A0</div><div dir=3D"auto"><br></div><div di=
r=3D"auto"><br></div><div dir=3D"auto">About this feature, it looks, at a f=
irst glance,=C2=A0 like an advanced complex version of safe mode/open base =
dir, with the additional features. I never ever had to mock core functions =
for testing, I would think about a design issue if it is needed.</div><div =
dir=3D"auto"><br></div><div dir=3D"auto"><br></div><div dir=3D"auto">But I =
may be wrong, that would not be a first=C2=A0 :)</div><div dir=3D"auto"><br=
></div><div dir=3D"auto"><br></div><div dir=3D"auto">cheers,=C2=A0</div><di=
v dir=3D"auto">Pierre</div><div dir=3D"auto"></div></div>

--000000000000f2d12f061f15d7a7--