Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:31374 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 88935 invoked by uid 1010); 2 Aug 2007 11:43:25 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 88919 invoked from network); 2 Aug 2007 11:43:25 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Aug 2007 11:43:25 -0000 Authentication-Results: pb1.pair.com header.from=helly@php.net; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=helly@php.net; spf=unknown; sender-id=unknown Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 85.214.94.56 as permitted sender) X-PHP-List-Original-Sender: helly@php.net X-Host-Fingerprint: 85.214.94.56 aixcept.net Linux 2.6 Received: from [85.214.94.56] ([85.214.94.56:54697] helo=h1149922.serverkompetenz.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 60/D0-06390-1E2C1B64 for ; Thu, 02 Aug 2007 07:41:22 -0400 Received: from dhcp-172-30-11-223.zrh.corp.google.com (unknown [216.239.55.7]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by h1149922.serverkompetenz.net (Postfix) with ESMTP id BDE691B3524; Thu, 2 Aug 2007 13:41:18 +0200 (CEST) Date: Thu, 2 Aug 2007 13:41:18 +0200 Reply-To: Marcus Boerger X-Priority: 3 (Normal) Message-ID: <403752205.20070802134118@marcus-boerger.de> To: Ilia Alshanetsky CC: Stanislav Malyshev , 'PHP Internals' In-Reply-To: References: <46B129BE.3050807@zend.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] ini system patch From: helly@php.net (Marcus Boerger) Hello Ilia, as much as i agree with ading the stage it is a BC issue! Thursday, August 2, 2007, 3:26:00 AM, you wrote: > Stas, > It looks like the best solution in this case. I don't like the idea > of introducing another INI stage in minor release, but I can't think > of a better way to address this issue at this time and I cannot > imagine it breaking much stuff. > On 1-Aug-07, at 8:47 PM, Stanislav Malyshev wrote: >> Hi! >> >> The attached patch implements the following improvement in Apache >> module configuration handling: >> >> New INI stage is introduced - ZEND_INI_STAGE_HTACCESS and values >> set in .htaccess are passed to handlers with >> ZEND_INI_STAGE_HTACCESS instead of ZEND_INI_STAGE_ACTIVATE. >> >> The reason for this is that there are values - one of them being >> session.save_handler - that we want to allow administrator to set >> to arbitrary values, even not inside open_basedir/safe_mode >> restrictions, while we do want user-set values to be inside limits. >> The problem was that right now there's no way to see if the value >> is set from httpd.conf (admin) or from .htaccess (frequently user- >> accessible and user-writable). This patch enables to make such >> distinction. >> I don't see any modules depending on ZEND_INI_STAGE_ACTIVATE but if >> there would be they can easily be fixed to work with >> ZEND_INI_STAGE_HTACCESS too. The attached patch is for apache2 SAPI >> only, but same one would be needed for apache1 API. >> >> This patch will allow proper fix for CVE-2007-3378 (current one >> breaks BC). >> >> Comments/objections? >> -- >> Stanislav Malyshev, Zend Software Architect >> stas@zend.com http://www.zend.com/ >> (408)253-8829 MSN: stas@zend.com >> Index: Zend/zend_ini.h >> =================================================================== >> RCS file: /repository/ZendEngine2/zend_ini.h,v >> retrieving revision 1.34.2.1.2.3 >> diff -u -r1.34.2.1.2.3 zend_ini.h >> --- Zend/zend_ini.h 1 Jan 2007 09:35:46 -0000 1.34.2.1.2.3 >> +++ Zend/zend_ini.h 2 Aug 2007 00:40:52 -0000 >> @@ -189,6 +189,7 @@ >> #define ZEND_INI_STAGE_ACTIVATE (1<<2) >> #define ZEND_INI_STAGE_DEACTIVATE (1<<3) >> #define ZEND_INI_STAGE_RUNTIME (1<<4) >> +#define ZEND_INI_STAGE_HTACCESS (1<<5) >> >> /* INI parsing engine */ >> typedef void (*zend_ini_parser_cb_t)(zval *arg1, zval *arg2, int >> callback_type, void *arg); >> Index: sapi/apache2handler/apache_config.c >> =================================================================== >> RCS file: /repository/php-src/sapi/apache2handler/apache_config.c,v >> retrieving revision 1.7.2.1.2.2 >> diff -u -r1.7.2.1.2.2 apache_config.c >> --- sapi/apache2handler/apache_config.c 1 Jan 2007 09:36:12 -0000 >> 1.7.2.1.2.2 >> +++ sapi/apache2handler/apache_config.c 2 Aug 2007 00:40:52 -0000 >> @@ -51,6 +51,7 @@ >> char *value; >> size_t value_len; >> char status; >> + char htaccess; >> } php_dir_entry; >> >> static const char *real_value_hnd(cmd_parms *cmd, void *dummy, >> const char *name, const char *value, int status) >> @@ -67,7 +68,8 @@ >> e.value = apr_pstrdup(cmd->pool, value); >> e.value_len = strlen(value); >> e.status = status; >> - >> + e.htaccess = ((cmd->override & (RSRC_CONF|ACCESS_CONF)) == 0); >> + >> zend_hash_update(&d->config, (char *) name, strlen(name) + 1, &e, >> sizeof(e), NULL); >> return NULL; >> } >> @@ -170,7 +172,7 @@ >> zend_hash_move_forward(&d->config)) { >> zend_hash_get_current_data(&d->config, (void **) &data); >> phpapdebug((stderr, "APPLYING (%s)(%s)\n", str, data->value)); >> - if (zend_alter_ini_entry(str, str_len, data->value, data- >> >value_len, data->status, PHP_INI_STAGE_ACTIVATE) == FAILURE) { >> + if (zend_alter_ini_entry(str, str_len, data->value, data- >> >value_len, data->status, data->htaccess? >> ZEND_INI_STAGE_HTACCESS:PHP_INI_STAGE_ACTIVATE) == FAILURE) { >> phpapdebug((stderr, "..FAILED\n")); >> } >> } >> >> -- >> PHP Internals - PHP Runtime Development Mailing List >> To unsubscribe, visit: http://www.php.net/unsub.php > Ilia Alshanetsky Best regards, Marcus