Newsgroups: php.internals
Message-ID: <45771.216.230.84.67.1179777364.squirrel@www.l-i-e.com>
In-Reply-To: <464DCB8C.90803@chiaraquartet.net>
References: <464DCB8C.90803@chiaraquartet.net>
Date: Mon, 21 May 2007 14:56:04 -0500 (CDT)
To: "Greg Beaver"
Cc: "php-dev"
Reply-To: ceo@l-i-e.com
Subject: Re: [PHP-DEV] potential solution to user streams + allow_url_include=off
From: ceo@l-i-e.com ("Richard Lynch")

On Fri, May 18, 2007 10:51 am, Greg Beaver wrote:
> The solution:
> =============
> Add a new function: stream_wrapper_set_local()

So, basically, your function would be similar to: "I'm removing the safety from the gun with which I might shoot myself in the foot." :-) :-) :-)

Would it be applied on an individual stream only, or could we consider allowing something not unlike:

stream_wrapper_set_local('phar://*');

as a sort of "glob" where only streams that fit the pattern are white-listed?

phar://* is probably a bad example...

'phar:///usr/local/lib/php_libs/*'

would seem to me to be a pretty clear way to express that phar files found in the local file system at that path are kosher, but nothing else is being white-listed in this call.

This would, I think, provide a better balance between security and usability.

I have no idea if what I suggest is reasonable to implement or not. It just seems like it "should" be, and it would be more useful to application developers than having to white-list streams individually...
In fact, I suspect that if you have to call this function on each stream individually, the masses will end up doing something that boils down to:

because they'll wrap it up in 20 levels of function calls and OOP obfuscation^H^H^H^H^H^H^H^H^H abstraction, and not realize they've just blown away the safety barrier when they call:

stream_wrapper_set_local($stream);

down in the guts of their code.

YMMV

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
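To make the glob-whitelist idea above concrete, here is an added user-land sketch of what "only streams matching a registered pattern count as local" could look like. This is illustration code written for this page, not code from Richard Lynch's message, from Greg Beaver's proposal, or from PHP itself; `stream_wrapper_set_local()` was never shipped under that name, and the class, function names and sample URLs below are invented. It uses PHP's real `fnmatch()` for the glob match, and adds the one check a practitioner would want alongside a prefix-style whitelist: the path is normalised first, because `fnmatch()`'s `*` matches `/` and would otherwise let a `..` segment satisfy `phar:///usr/local/lib/php_libs/*` while pointing somewhere else entirely.

```php
<?php
// Added example (not from the original message or from PHP's own sources).
// Hypothetical user-land version of a glob-based "local stream" whitelist.

/**
 * Collapse "." and ".." segments in the path part of a stream URL so that a
 * whitelisted directory cannot be escaped by traversal. Non-URL paths are
 * returned unchanged. Assumption: the scheme has no authority part, which
 * holds for phar:// and file:// style local wrappers discussed here.
 */
function normalize_stream_url(string $url): string
{
    $pos = strpos($url, '://');
    if ($pos === false) {
        return $url;
    }
    $scheme = substr($url, 0, $pos);
    $path   = substr($url, $pos + 3);
    $abs    = $path !== '' && $path[0] === '/';

    $out = [];
    foreach (explode('/', $path) as $seg) {
        if ($seg === '' || $seg === '.') {
            continue;               // empty or "." segments add nothing
        }
        if ($seg === '..') {
            array_pop($out);        // step back; popping an empty stack is a no-op
            continue;
        }
        $out[] = $seg;
    }
    return $scheme . '://' . ($abs ? '/' : '') . implode('/', $out);
}

/** Registry of glob patterns naming which stream URLs are treated as local. */
final class LocalStreamWhitelist
{
    /** @var string[] */
    private $patterns = [];

    /** Register a pattern such as 'phar:///usr/local/lib/php_libs/*'. */
    public function allow(string $pattern): void
    {
        $this->patterns[] = $pattern;
    }

    /** True only if the normalised URL matches at least one pattern. */
    public function isLocal(string $url): bool
    {
        $url = normalize_stream_url($url);
        foreach ($this->patterns as $pattern) {
            if (fnmatch($pattern, $url)) {
                return true;
            }
        }
        return false;
    }
}

// Constructed sample inputs, mirroring the path used in the message above.
$wl = new LocalStreamWhitelist();
$wl->allow('phar:///usr/local/lib/php_libs/*');

$cases = [
    'phar:///usr/local/lib/php_libs/app.phar/lib/foo.php'         => true,
    'phar:///usr/local/lib/php_libs/../../../tmp/evil.phar/x.php' => false, // traversal
    'phar://tmp/evil.phar/x.php'                                  => false, // relative path
    'http://example.com/evil.phar'                                => false, // remote
];
foreach ($cases as $url => $expected) {
    $got = $wl->isLocal($url);
    printf("%s %s\n", $got === $expected ? 'ok  ' : 'FAIL', $url);
}
```

Two things the sketch is meant to show. First, the traversal case: the raw string `phar:///usr/local/lib/php_libs/../../../tmp/evil.phar/x.php` does match the glob, and only the normalisation step turns it into a rejection, so any real implementation of per-path whitelisting needs that step (or must match on an already canonicalised path), not just the glob. Second, the "deep in the guts" concern from the message applies unchanged: whatever calls `allow()` is the place that widens the policy, so it belongs in one obvious bootstrap location rather than behind several layers of abstraction. (`fnmatch()` is not available on Windows before PHP 5.3; the flag-based mechanism PHP actually adopted for this problem in 5.3 was the `STREAM_IS_URL` flag on `stream_wrapper_register()`, which marks a whole wrapper rather than a path pattern.)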