PHP 4



Chapter 23. Safe Mode

Functions restricted/disabled by safe mode.

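The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web-server and OS levels are not very realistic, many people, especially ISPs, use safe mode for now. (Safe mode was deprecated in PHP 5.3.0 and removed in PHP 5.4.0, so this chapter applies only to older installations.)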

Table 23-1. Configuration directives controlling security and safe mode (name, default value)
safe_mode Off
safe_mode_gid 0
safe_mode_include_dir ""
safe_mode_exec_dir 1
open_basedir ""
safe_mode_allowed_env_vars PHP_
safe_mode_protected_env_vars LD_LIBRARY_PATH
disable_functions ""

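When safe_mode is on, PHP checks whether the owner of the current script matches the owner of the file to be operated on by a file function. For example: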

-rw-rw-r--    1 rasmus   rasmus       33 Jul  1 19:20 script.php 
-rw-r--r--    1 root     root       1116 May 26 18:01 /etc/passwd

Running this script.php

<?php
 readfile('/etc/passwd'); 
 // Demonstration only: script.php is owned by rasmus and /etc/passwd by root (see the
 // listing above), so this read is what the safe mode owner check, open_basedir and
 // disable_functions are each shown refusing. The call stays on line 2 to match the
 // "on line 2" in the warnings quoted on this page.
?>

results in this error when safe mode is enabled:

Warning!: SAFE MODE Restriction in effect. The script whose uid is 500 is not 
allowed to access /etc/passwd owned by uid 0 in /docroot/script.php on line 2

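However, there may be environments where a strict UID check is not appropriate and a relaxed GID check is sufficient. This is supported by the safe_mode_gid switch. Setting it to On performs the relaxed GID check; setting it to Off (the default) performs the UID check.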

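If, instead of safe_mode, you set an open_basedir directory, then all file operations are limited to files under the specified directory. For example (Apache httpd.conf):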

# Limit PHP file operations for scripts served from /docroot to paths under /docroot.
# NOTE(review): PHP 4 matches the open_basedir value as a path prefix, so "/docroot"
# also matches sibling paths such as "/docroot-old"; a trailing slash ("/docroot/")
# restricts it to that directory only. Confirm against the PHP version in use.
<Directory /docroot>
  php_admin_value open_basedir /docroot 
</Directory>

If you run the same script.php with this open_basedir setting, the result is:

Warning!: open_basedir restriction in effect. File is in wrong directory in 
/docroot/script.php on line 2

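You can also disable individual functions. Note that the disable_functions directive cannot be used outside the php.ini file, which means that you cannot disable functions on a per-virtualhost or per-directory basis in httpd.conf.
If we add this to php.ini: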

disable_functions readfile,system

then we get this output:

Warning!: readfile() has been disabled for security reasons in 
/docroot/script.php on line 2

Functions restricted/disabled by safe mode

This is a still probably incomplete and possibly incorrect list of the functions limited by safe mode.

Table 23-2. Functions restricted/disabled by safe mode
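dbmopen() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
dbase_open() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
filepro() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
filepro_rowcount() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
filepro_retrieve() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.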
ifx_*() sql_safe_mode restrictions (!= safe mode)
ingres_*() sql_safe_mode restrictions (!= safe mode)
mysql_*() sql_safe_mode restrictions (!= safe mode)
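pg_loimport() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
posix_mkfifo() Checks whether the directory in which you are about to operate has the same UID as the script that is being executed.
putenv() Obeys the safe_mode_protected_env_vars and safe_mode_allowed_env_vars ini directives. See also the documentation for putenv().
move_uploaded_file() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
chdir() Checks whether the directory in which you are about to operate has the same UID as the script that is being executed.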
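dl() This function is disabled in safe mode.
backtick operator This function is disabled in safe mode.
shell_exec() (functional equivalent of backticks) This function is disabled in safe mode.
exec() You can only execute executables within the safe_mode_exec_dir. For practical reasons it is currently not allowed to have .. components in the path to the executable.
system() You can only execute executables within the safe_mode_exec_dir. For practical reasons it is currently not allowed to have .. components in the path to the executable.
passthru() You can only execute executables within the safe_mode_exec_dir. For practical reasons it is currently not allowed to have .. components in the path to the executable.
popen() You can only execute executables within the safe_mode_exec_dir. For practical reasons it is currently not allowed to have .. components in the path to the executable.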
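mkdir() Checks whether the directory in which you are about to operate has the same UID as the script that is being executed.
rmdir() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
rename() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed.
unlink() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed.
copy() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed. (on source and target)
chgrp() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
chown() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed.
chmod() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. In addition, you cannot set the SUID, SGID and sticky bits.
touch() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed.
symlink() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed. (note: only the target is checked)
link() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed. (note: only the target is checked)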
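getallheaders() In safe mode, headers beginning with 'authorization' (case-insensitive) will not be returned. Warning: this is broken with the aol-server implementation of getallheaders()!
header() In safe mode, the uid of the script is added to the realm part of the WWW-Authenticate header if you set this header (used for HTTP Authentication).
highlight_file(), show_source() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed. (note: only affected since PHP 4.2.1)
parse_ini_file() Checks whether the file(s)/directories you are about to operate on have the same UID as the script that is being executed. Checks whether the directory in which you are about to operate has the same UID as the script that is being executed. (note: only affected since PHP 4.2.1)
Any function that uses php4/main/fopen_wrappers.c ??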

