Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:74965 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 71117 invoked from network); 18 Jun 2014 03:49:55 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 18 Jun 2014 03:49:55 -0000 Authentication-Results: pb1.pair.com smtp.mail=rasmus@lerdorf.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=rasmus@lerdorf.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain lerdorf.com from 74.125.82.173 cause and error) X-PHP-List-Original-Sender: rasmus@lerdorf.com X-Host-Fingerprint: 74.125.82.173 mail-we0-f173.google.com Received: from [74.125.82.173] ([74.125.82.173:47048] helo=mail-we0-f173.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 89/20-01877-16C01A35 for ; Tue, 17 Jun 2014 23:49:54 -0400 Received: by mail-we0-f173.google.com with SMTP id t60so199652wes.18 for ; Tue, 17 Jun 2014 20:49:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=arzMgPFw3g/KN2TafknHurbYeFnQqlofhoyf6GHIGT4=; b=Rn/WXTqE3U3WmOPP1leKybl7EpxUg+B45SEhV7CGH/9IwEPlEfNAYJX3SJ6Oj/mNXz 8NAd7NKUNXbD39H/Yll4b9b11vXQHgwFaEUJGM7sz0T98SJlZzSJXD5y39duKQhed3Qw Kl8Faf9Vu2051tY7AovcBxHBsjqKhCX0xpP86krL+cihFul+L3lmfymqk0roEcFaDAuM VVxVRz8Vzoq9SSO5a7zYjnxFYaplnn4eCXzjCqwXL9ZcaWnDJs05XYrcVdOCD4JwkD3F Py++qjZOskzs5cKxBLWwg7UrWK9dqOrngerzXCgv+vusUZCFBXKKWpQbz1tdS5eIKR6l jeRA== X-Gm-Message-State: ALoCoQlHMhwqXkXTeDfEFgg4JgBlgeu6BW4Ox4U/r1LdaccqNF1kfe6p2pk2co0uoKYzjTfz1Mep X-Received: by 10.180.75.212 with SMTP id e20mr1298238wiw.5.1403063390081; Tue, 17 Jun 2014 20:49:50 -0700 (PDT) Received: from [10.67.0.184] ([78.141.189.76]) by mx.google.com with ESMTPSA id r44sm2398579eeo.18.2014.06.17.20.49.48 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 17 Jun 2014 20:49:49 -0700 (PDT) Message-ID: <53A10C5B.1000003@lerdorf.com> Date: Wed, 18 Jun 2014 05:49:47 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Pierre Joye , PHP internals References: In-Reply-To: X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] PHP6, drop open_basedir? From: rasmus@lerdorf.com (Rasmus Lerdorf) On 06/17/2014 10:26 AM, Pierre Joye wrote: > hi, > > One of the last reminding so called "security" feature is open_basedir. > > On Windows f.e. it is very easy to create application pool with the > right users/permissions settings (IIS) or only permissions settings > (Apache). It is not possible to create one user per host on Apache > using mod_php but I think it is acceptable as it is mostly used as > development server or dedicated apps. > > On linux, fcgi/fpm with linux permissions systems allow pretty much > the same. And my solutions exist for a per user/application isolation > system. > > I think it is not worth the effort to keep maintaining something that > will never be as safe as system level permissions. > > What do you think about removing it in php 6? Thoughts? I think you have a very narrow view of how this feature is used. Security and code quality is about layers. This is a useful layer that helps verify that an application, or even a subset of an application, is only able to access a given set of directories. If something tries to access a file outside of the defined scope, we get an error and we know there is a bug in the code. I, and many companies out there, rely quite heavily on this feature to catch mistakes. And yes, there are ways of getting around it at the PHP-level if you deliberately craft your PHP code to do so, but that doesn't make the feature any less useful to all the people using it to catch non-deliberate mistakes. -Rasmus