Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:27494
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Received-SPF: pass (pb1.pair.com: domain zend.com designates 212.25.124.162 as permitted sender)
Message-ID: <45AD8036.1050202@zend.com>
Date: Tue, 16 Jan 2007 17:47:34 -0800
Organization: Zend Technologies
User-Agent: Thunderbird 2.0b1 (Windows/20061206)
MIME-Version: 1.0
To: Gregory Beaver <greg@chiaraquartet.net>
CC: Stefan Esser <sesser@hardened-php.net>, 
 Marcus Boerger <helly@php.net>,
 "internals@lists.php.net" <internals@lists.php.net>
References: <F1076B95-2D05-4690-AE84-21FC0552F17A@ch2o.info> <45A8FC49.7050909@hardened-php.net> <45A90809.3050008@lerdorf.com> <45A91002.8020607@hardened-php.net> <526994769.20070113181330@marcus-boerger.de> <Pine.LNX.4.64.0701141301180.32133@mail.zend.com> <45AA116F.7020109@hardened-php.net> <Pine.LNX.4.64.0701141436460.16363@mail.zend.com> <45AA961D.4090401@php.net> <45AD416E.4020502@zend.com> <45AD76BF.6050305@chiaraquartet.net>
In-Reply-To: <45AD76BF.6050305@chiaraquartet.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Comments on PHP security
From: stas@zend.com (Stanislav Malyshev)

> Actually, the solution I was envisioning would not allow any access to
> fsockopen() or other remote streams access things inside a user stream
> wrapper.

Are you sure you can evaluate ALL engine functions that allow accessing 
remote data? Looks dangerously like safe mode...
-- 
Stanislav Malyshev, Zend Products Engineer
stas@zend.com  http://www.zend.com/