Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:26954 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 81085 invoked by uid 1010); 14 Dec 2006 16:17:44 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 81069 invoked from network); 14 Dec 2006 16:17:44 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 14 Dec 2006 16:17:44 -0000 Authentication-Results: pb1.pair.com header.from=s.steffann@computel.nl; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=s.steffann@computel.nl; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain computel.nl from 83.137.20.15 cause and error) X-PHP-List-Original-Sender: s.steffann@computel.nl X-Host-Fingerprint: 83.137.20.15 mail.nederland.net Linux 2.5 (sometimes 2.4) (4) Received: from [83.137.20.15] ([83.137.20.15:48999] helo=mail.nederland.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 87/D1-04864-1B231854 for ; Thu, 14 Dec 2006 06:17:40 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by romeo.computel.nl (Postfix) with ESMTP id 13AA81406B; Thu, 14 Dec 2006 12:17:03 +0100 (CET) Received: from mail.nederland.net ([127.0.0.1]) by localhost (romeo.computel.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nQ0qaFXOl4zh; Thu, 14 Dec 2006 12:16:57 +0100 (CET) Received: from balefirehome (rtr.10ww.steffann.nl [83.137.22.2]) by romeo.computel.nl (Postfix) with ESMTP id 718FC14042; Thu, 14 Dec 2006 12:16:57 +0100 (CET) Message-ID: <005001c71f71$5e877690$64c8a8c0@balefirehome> To: "Markus Fischer" , "Ilia Alshanetsky" Cc: "Stut" , "PHP internals" References: <10536315-883E-4C1A-AF35-386DF4D73F84@prohost.org> <45807AC8.8020907@gmail.com> <515375DA-C752-4F5D-A244-3394C56846DA@prohost.org> <45808461.9070505@gmail.com> <98F4FCCE-94A0-448D-AA27-EABF7E82A7DB@prohost.org> <45812ABB.4060309@fischer.name> Date: Thu, 14 Dec 2006 12:16:57 +0100 Organization: Computel Standby BV MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 Subject: Re: [PHP-DEV] mail() logging for PHP From: s.steffann@computel.nl ("Sander Steffann") Hi, >> That is way too much information to include into an e-mail header, this >> would in fact be information disclosure vulnerability in many eyes. The >> log file that you can enable provides you with the full path to the >> script that called mail, which is more then enough to identify the >> offending script and/or application. > > In case someone would use a library installed on the server were the > mail() call e.g. in /usr/lib/PEAR/lib/php/Mail/Transport/PHP_Mail.php > (just an example) would this really help identifying the cause of the > problem? No Domain, no URL, I think it would be hard to determine who > used it. True. Maybe adding both the main-script-name and the name of the script that contains the mail() call might be a good idea. Another solution would be to apply encryption to the information. Then you could put much more information in the extra header without disclosing anything. You could even put all this in: - Timestamp - Server hostname - IP address of the client invoking the script - Requesting URL, including query string - Full path+filename of the main script - Full path+filename of the script that calls mail() - etc Put all this is a nice text, encrypt it (i.e. 3DES, or even RSA/DSA), base64 encode it, and add it in a header. The header might be a little big, but I don't think that will be a big problem for those who want to use it. A small example: Put the following information in the extra header: 1166094481 www.computel.nl 83.137.22.2 http://www.computel.nl/stuff/bla.php?mailto=sander@steffann.nl /var/www/sites/www.computel.nl/stuff/bla.php /usr/lib/PEAR/lib/php/Mail/Transport/PHP_Mail.php Encrypt this with 3des, using password 'something'. (the password could be configured in php.ini, or per virtual host): U2FsdGVkX18+F3ghXdsE6Wkv0mJwtes2Ue0jMHrKfM+vNODH592rrEMZpDdbPtIe vkSnERInTNA86XqZQtlQV+JJneAJexeNWKqhxRh+QHSsishzrq0+l9gfhu9G06LR X3SrZCXtg9irvGIdA1OD5sDkUi7NJTJ7GnrJd6fnrv3wGZTAQlwjIeFm7LRSl8N+ tpkQckXfXYhVzOkGMU6/InE9q3Wo228wkazmXZKW1k1GVYtXPJL7f0JS9DMa3gEr lJR5rnZqNcBVtCW6eVVl9jYU2g58bZLV This can be put directly into a header in the message. The total extra message size would be about 300 bytes. That should be no problem at all. I have seen bigger received: headers in a message. I think this would help a system admin a lot when trying to figure out where all those annoying messages are coming from. What do the rest of you think about this? Thanks, Sander PS: If you need help implementing it, let me know!