-

 -

  •     - - . : Internet Explorer 6, Fire Fox 1.5, Opera 9.5, Safari 3.1.1 JavaScript.

 -

   Net-man

 - e-mail

 

 -

 LiveInternet.ru:
: 20.04.2010
: 814
: 5985
: 11575

:


PHP: PHP - PHP

, 18 2011 . 21:16 +

PHP - . , PHP, - , , , .

1. ,

safe_mode "0" PHP_INI_SYSTEM
safe_mode_gid "0" PHP_INI_SYSTEM
safe_mode_include_dir NULL PHP_INI_SYSTEM
safe_mode_exec_dir "" PHP_INI_SYSTEM
safe_mode_allowed_env_vars PHP_ PHP_INI_SYSTEM
safe_mode_protected_env_vars LD_LIBRARY_PATH PHP_INI_SYSTEM
open_basedir NULL PHP_INI_SYSTEM
disable_functions "" PHP_INI_SYSTEM
disable_classes "" PHP_INI_SYSTEM

safe_mode boolean

/ PHP.

safe_mode_gid boolean

UID. , GID, on safe_mode_gid. , UID (FALSE) GID (TRUE) .

safe_mode_include_dir string

, , UID/GID ( , include_path, ).

PHP 4.2.0 , ( windows-), include_path.

, . , "safe_mode_include_dir = /dir/incl" , "/dir/include" "/dir/incls", , . , , : "safe_mode_include_dir = /dir/incl/".

safe_mode_exec_dir string

, PHP , system() , .

safe_mode_allowed_env_vars string

- . , . , . , , PHP_ (, PHP_FOO=BAR).

: , , !

safe_mode_protected_env_vars string

, , , putenv(). , safe_mode_allowed_env_vars.

open_basedir string

, PHP, , .

, , , fopen() gzopen(), . , , PHP . , .

. , , . , chdir().

open_basedir httpd.conf (, ) : "php_admin_value open_basedir none".

Windows- . . , PHP - Apache, open_basedir .

, . , "safe_mode_include_dir = /dir/incl" , "/dir/include" "/dir/incls", , . , , : "safe_mode_include_dir = /dir/incl/".

: 3.0.7.

.

disable_functions string

. , . disable_functions , .

php.ini. , , httpd.conf.

disable_classes string

. , . disable_classes , .

php.ini. , , httpd.conf.

: , PHP 4.3.2

: register_globals, display_errors, log_errors

, safe_mode on, PHP , , . :

-rw-rw-r-- 1 rasmus rasmus 33 Jul 1 19:20 script.php 
-rw-r--r-- 1 root root 1116 May 26 18:01 /etc/passwd

script.php

<?php
 readfile
('/etc/passwd'); 
?>

:

Warning: SAFE MODE Restriction in effect. The script whose uid is 500 is not 
allowed to access /etc/passwd owned by uid 0 in /docroot/script.php on line 2

, UID GID. safe_mode_gid. , On, GID. , Off ( ), UID.

safe_mode open_basedir. ( httpd.conf):

<Directory /docroot>
 php_admin_value open_basedir /docroot 
</Directory>

script.php open_basedir :

Warning: open_basedir restriction in effect. File is in wrong directory in 
/docroot/script.php on line 2

. , disable_functions php.ini, , , httpd.conf, . php.ini :

disable_functions readfile,system

:

Warning: readfile() has been disabled for security reasons in 
/docroot/script.php on line 2

PHP

, , , .

2. ,

dbmopen()
, /, , UID (), .
dbase_open()
, /, , UID (), .
filepro()
, /, , UID (), .
filepro_rowcount()
, /, , UID (), .
filepro_retrieve()
, /, , UID (), .
ifx_*
sql_safe_mode ( safe_mode)
ingres_*
sql_safe_mode ( safe_mode)
mysql_*
sql_safe_mode ( safe_mode)
pg_lo_import()
, /, , UID (), .
posix_mkfifo()
, , , UID (), .
putenv()
the safe_mode_protected_env_vars safe_mode_allowed_env_vars. putenv().
move_uploaded_file()
, /, , UID (), .
chdir()
, , , UID (), .
dl()
.
backtick operator
.
shell_exec()
( backticks)
.
exec()
, , safe_mode_exec_dir. , .. . , escapeshellcmd().
system()
, , safe_mode_exec_dir. , .. . , escapeshellcmd()
passthru()
, , safe_mode_exec_dir. , .. . , escapeshellcmd().
popen()
, , safe_mode_exec_dir. , .. . , escapeshellcmd().
fopen()
, , , UID (), .
mkdir()
, , , UID (), .
rmdir()
, , , UID (), .
rename()
, /, , UID (), . , , , UID (), .
unlink()
, /, , UID (), . , , , UID (), .
copy()
, /, , UID (), . , , , UID (), . ( source target).
chgrp()
, /, , UID (), .
chown()
, /, , UID (), .
chmod()
, /, , UID (), . , UID, SGID sticky-.
touch()
, /, , UID (), . , , , UID (), .
symlink()
, /, , UID (), . , , , UID (), . (: target)
link()
, /, , UID (), . , , , UID (), . (: target)
apache_request_headers()
, , 'authorization' ( ), .
header()
, UID realm- WWW-Authenticate, ( HTTP-)
PHP_AUTH
, PHP_AUTH_USER, PHP_AUTH_PW, AUTH_TYPE $_SERVER. , REMOTE_USER . (: PHP 4.3.0 )
highlight_file(), show_source()
, /, , UID (), . , , , UID (), . (: PHP 4.2.1 )
parse_ini_file()
, /, , UID (), . , , , UID (), . (: PHP 4.2.1 )
set_time_limit()
,
max_execution_time
,
mail()
. (: PHP 4.2.3 )
, php4/main/fopen_wrappers.c


 

PHP.SU

PHP
:  

1

: [1] []
 

:
: 

: ( )

:

  URL