Newsgroups: php.internals
Message-ID: <465F35C9.6040705@rowe-clan.net>
Date: Thu, 31 May 2007 15:53:29 -0500
From: wrowe@rowe-clan.net ("William A. Rowe, Jr.")
To: Rasmus Lerdorf
CC: "internals@lists.php.net"
References: <465F31C8.8030208@rowe-clan.net> <465F32DC.1000702@lerdorf.com>
In-Reply-To: <465F32DC.1000702@lerdorf.com>
Subject: Re: [PHP-DEV] Toggling enable_dl API off for runtime?

Rasmus Lerdorf wrote:
> William A. Rowe, Jr. wrote:
>> In httpd server (and most) there is a startup phase, when we generally
>> trust what the admin has done, and a runtime phase. There are obvious
>> exploits if untrusted scripts can run arbitrary dlload's after startup.
>>
>> enable_dl in php.ini will obviously override this, but to start up and
>> load dynamic extensions, it's initially required to be on.
>>
>> Is there any sense in having php4apache2 (and other SAPI's) permitted
>> to run the entire startup phase of php prior to turning enable_dl back
>> off for the runtime phase of the server?
>
> enable_dl only affects the userspace dl() function. That can only be
> called at the runtime phase, as you call it. So what you are proposing
> doesn't make much sense.

Thank you for clarifying, Rasmus.

Since userspace dl() can pollute future requests on the same prefork worker,
or pollute other workers running on the threaded/worker style MPM, is there
any thought to disabling this by default in at least one of the flavors of
proposed php.ini solutions that are provided with the distribution?
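
For administrators who want to check whether a given php.ini leaves userspace dl() enabled, here is an added example that is not part of the original message or of the PHP distribution. It assumes PHP's documented default of enable_dl = On when the directive is absent; the function name `audit_dl` and the sample ini texts are constructed for illustration, and only ini settings are evaluated (SAPI-level restrictions on dl() are not modelled).

```python
import re

# Assumption: PHP reads on/yes/true (any case) as true for boolean directives
# and otherwise uses the integer value of the string.
TRUE_WORDS = {"on", "yes", "true"}

def _ini_bool(value):
    v = value.strip().strip("\"'").lower()
    if v in TRUE_WORDS:
        return True
    m = re.match(r"[+-]?\d+", v)
    return bool(m) and int(m.group()) != 0

def audit_dl(ini_text):
    """Return (dl_enabled_by_ini, reasons_it_is_blocked) for one php.ini text."""
    enable_dl = True          # default when the directive is absent
    disabled = set()
    in_global = True
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()   # ';' starts a comment (quoted ';' not handled)
        if not line:
            continue
        if line.startswith("["):
            # [PATH=...] and [HOST=...] are per-directory sections; skip their contents
            in_global = not re.match(r"\[(PATH|HOST)=", line, re.I)
            continue
        if not in_global or "=" not in line:
            continue
        key, value = (p.strip() for p in line.split("=", 1))
        if key == "enable_dl":
            enable_dl = _ini_bool(value)      # a later occurrence overrides an earlier one
        elif key == "disable_functions":
            names = value.strip("\"'").split(",")
            disabled = {n.strip().lower() for n in names if n.strip()}
    reasons = []
    if not enable_dl:
        reasons.append("enable_dl is Off")
    if "dl" in disabled:
        reasons.append("dl listed in disable_functions")
    return (not reasons, reasons)

# Constructed sample inputs (not taken from any shipped php.ini).
SAMPLE_DEFAULT = "[PHP]\nengine = On\n; enable_dl = Off\n"
SAMPLE_HARDENED = '[PHP]\nenable_dl = Off\ndisable_functions = "exec, dl"\n'

if __name__ == "__main__":
    for name, text in (("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)):
        print(name, audit_dl(text))
```

In the first sample the directive is only present as a comment, so the default applies and dl() stays enabled by configuration.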