Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:46017
Return-Path: <greg@chiaraquartet.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 35449 invoked from network); 11 Nov 2009 00:24:51 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 11 Nov 2009 00:24:51 -0000
Authentication-Results: pb1.pair.com header.from=greg@chiaraquartet.net; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=greg@chiaraquartet.net; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain chiaraquartet.net from 209.85.219.227 cause and error)
X-PHP-List-Original-Sender: greg@chiaraquartet.net
X-Host-Fingerprint: 209.85.219.227 mail-ew0-f227.google.com  
Received: from [209.85.219.227] ([209.85.219.227:41123] helo=mail-ew0-f227.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 90/D1-38546-2540AFA4 for <internals@lists.php.net>; Tue, 10 Nov 2009 19:24:50 -0500
Received: by ewy27 with SMTP id 27so737894ewy.23
        for <internals@lists.php.net>; Tue, 10 Nov 2009 16:24:47 -0800 (PST)
Received: by 10.213.2.73 with SMTP id 9mr900426ebi.21.1257899086940;
        Tue, 10 Nov 2009 16:24:46 -0800 (PST)
Received: from monster.local ([76.84.35.200])
        by mx.google.com with ESMTPS id 7sm2902065eyg.25.2009.11.10.16.24.43
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Tue, 10 Nov 2009 16:24:45 -0800 (PST)
Message-ID: <4AFA0449.2030600@chiaraquartet.net>
Date: Tue, 10 Nov 2009 18:24:41 -0600
User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070807)
MIME-Version: 1.0
To: Stanislav Malyshev <stas@zend.com>
CC:  internals@lists.php.net, Christian Schneider <cschneid@cschneid.com>, 
 Lukas Kahwe Smith <mls@pooteeweet.org>
References: <413588E2-8AC8-49F7-B7BF-97BEFB0A71E4@pooteeweet.org> <4AF9A03E.8000207@cschneid.com> <4AF9AE1A.9000005@zend.com> <4AF9C589.3090604@chiaraquartet.net> <4AF9CCEA.1030500@zend.com>
In-Reply-To: <4AF9CCEA.1030500@zend.com>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Re: alternative to the fopen() hack in autoloaders
From: greg@chiaraquartet.net (Greg Beaver)

Stanislav Malyshev wrote:
> Hi!
>
>>> This would break security distinction between file ops and include ops,
>>> when URLs are allowed for open but not include.
>
> Additional thing - it probably would be a problem for bytecode caches,
> since they'd have to:
> a. watch all file opens, in case some of these will later be used for
> include
> b. somehow be able to get filename back from open stream to get the
> cached file.
Hi again,

A good point.  Fortunately, most streams do store the filename in the
stream struct, so this would still probably be possible in the majority
of cases.  If not available, the original requested filename is used
(the one from the fopen call), so opcode caches probably could just use
that.

Greg