Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:29940 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 41840 invoked by uid 1010); 30 May 2007 07:31:34 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 41824 invoked from network); 30 May 2007 07:31:33 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 30 May 2007 07:31:33 -0000 Authentication-Results: pb1.pair.com smtp.mail=helly@php.net; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=helly@php.net; sender-id=unknown Received-SPF: error (pb1.pair.com: domain php.net from 85.214.94.56 cause and error) X-PHP-List-Original-Sender: helly@php.net X-Host-Fingerprint: 85.214.94.56 aixcept.net Received: from [85.214.94.56] ([85.214.94.56:39177] helo=h1149922.serverkompetenz.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id A5/F6-24960-2582D564 for ; Wed, 30 May 2007 03:31:31 -0400 Received: from baumbart.mbo (dslb-084-063-023-012.pools.arcor-ip.net [84.63.23.12]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by h1149922.serverkompetenz.net (Postfix) with ESMTP id D766B1B34C3; Wed, 30 May 2007 09:30:15 +0200 (CEST) Date: Wed, 30 May 2007 09:30:24 +0200 Reply-To: Marcus Boerger X-Priority: 3 (Normal) Message-ID: <133379979.20070530093024@marcus-boerger.de> To: Stanislav Malyshev CC: php-dev In-Reply-To: <465CC25E.9080309@zend.com> References: <464DCB8C.90803@chiaraquartet.net> <464DEF23.3080503@zend.com> <464DF139.6090405@zend.com> <464E1AA8.9050600@php.net> <465CC25E.9080309@zend.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] [PATCH] potential solution to user streams + allow_url_include=off From: helly@php.net (Marcus Boerger) Hello Stanislav, why then not have ini as follows: allow_url_(fopen|include)_(local|user|remote) That is 6 for the six cases - or is that too easy? We could also have the _remote case be an alias to keep the old style and have full consistency. best regards marcus Wednesday, May 30, 2007, 2:16:30 AM, you wrote: > According to the plan below, attached is the patch that restricts user > streams from executing dangerous operations inside include context. > Please comment. >>>> I think the problem could be solved this way: >>>> 0. allow_url_include and allow_url_fopen renamed to >>>> allow_remote_include and allow_remote_fopen (not really necessary, >>>> just much cleaner, if you don't like it, ignore it for now). >>>> 1. By default, allow_remote_inclue=0, allow_remote_fopen=1 >>>> 2. Stream can be of three types - remote, local and user/local. >>>> 3. User streams can be declared when registered as either remote or >>>> user/local, remote being the default. >>>> 4. When operation on user/local stream is run, allow_remote_fopen is >>>> disabled if allow_remote_include was disabled. Best regards, Marcus