Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:3662
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Message-ID: <3F2933BC.8010401@php.net>
Date: Thu, 31 Jul 2003 17:20:28 +0200
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.4) Gecko/20030617
MIME-Version: 1.0
To: Rasmus Lerdorf <rasmus@lerdorf.com>
CC: skate <root@fatcuban.com>,  internals@lists.php.net
References: <059101bffadb$28a33670$1400000a@fatcuban> <Pine.WNT.4.56.0307310738380.2248@DELL>
In-Reply-To: <Pine.WNT.4.56.0307310738380.2248@DELL>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] upload compromises
From: hartmut@php.net (Hartmut Holzgraefe)

Rasmus Lerdorf wrote:
 > I suppose we could suck all the code from the UNIX 'file' command into PHP

we already have ;)

someone at HP already did that for apache and i wrapped it up in ext/mime_magic

 > The only way to upload a file and then execute it is to know
 > a little bit about the web server and upload specific file types the web
 > server is configured to execute.

maybe the request was also about client security?
(just guessing, hard to tell with no links to the mentioned
"bad publicity" in the original message ...)

like maybe windows EXE files getting uploaded to galeries?

sure, the application storing and providing the uploaded files *should*
check that stuff itself, but most probably wont ... :(

what about some mechanism similar to your input filtering stuff that
operates on uploads so that it becomes possible to enforce sitewide
upload policies even in shared hosting environments using some sort
of hooks?

PS to "skate" <root@fatcuban.com>:
   funny that you are worried about php file uploads but not
   about using the root account for communication ;)

-- 
Hartmut Holzgraefe  <hartmut@php.net>