Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:6649
Return-Path: <smith@backendmedia.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 4821 invoked by uid 1010); 20 Dec 2003 12:25:26 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 4796 invoked from network); 20 Dec 2003 12:25:25 -0000
Received: from unknown (HELO mail.dybnet.de) (195.75.116.242)
  by pb1.pair.com with SMTP; 20 Dec 2003 12:25:25 -0000
Received: (qmail 25112 invoked by uid 508); 20 Dec 2003 12:28:19 -0000
Received: from unknown (HELO vandal) (vandal@213.54.197.46)
  by www.dybnet.de with RC4-MD5 encrypted SMTP; 20 Dec 2003 12:28:19 -0000
To: =?iso-8859-2?Q?'ing.Martin_Pr=E1=B9ek'?= <prasek@silesia.cz>,
	<internals@lists.php.net>
Date: Sat, 20 Dec 2003 13:23:46 +0100
Organization: BackendMedia GbR
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
In-Reply-To: <006501c3c6f2$9002e540$d300a8c0@webpropag.cz>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Thread-Index: AcPG9AJVoZovSffnQuinJXd3FCsOzwAAEiug
Subject: RE: [PHP-DEV] Extending PHP  with sandbox capability ? 
From: smith@backendmedia.com ("Lukas Smith")
Message-ID: <php.internals-6649@news.php.net>
References: <006501c3c6f2$9002e540$d300a8c0@webpropag.cz>

> From: ing.Martin Pr=E1=B9ek [mailto:prasek@silesia.cz]
> Sent: Saturday, December 20, 2003 1:12 PM
=20
> Sandbox ?
>=20
> I have been forced to create PHP application that need inside  =
execution
> of  code snipplets  from untrusted users and do it as secure as =
possible.
> I see it is not possible for some security raesons. (db
> connection,resources etc.). So I suggest to add a simple sandbox
> capability to PHP language, that help avoid security risk in =
situations
> where executing of 3rd party code inside of some application is =
needed.

<snip>

While syntactically not ideal here is a very flexible example to build =
off:
http://www.rubycentral.com/book/taint.html

BTW: if PHP wants to be the ultimate template engine it needs such a
feature. Due to PHP's flexibility its really hard to check the source =
for
potentially dangerous code so if you allow users to edit/add templates =
to
your system you have to trust them all the way if you are going to
include/require those template instead of simply pushing data into them =
and
then echo'ing them.

Regards,
Lukas=20