PHP: PHP - PHP |
PHP - . , PHP, - , , , .
1. ,
safe_mode | "0" | PHP_INI_SYSTEM |
safe_mode_gid | "0" | PHP_INI_SYSTEM |
safe_mode_include_dir | NULL | PHP_INI_SYSTEM |
safe_mode_exec_dir | "" | PHP_INI_SYSTEM |
safe_mode_allowed_env_vars | PHP_ | PHP_INI_SYSTEM |
safe_mode_protected_env_vars | LD_LIBRARY_PATH | PHP_INI_SYSTEM |
open_basedir | NULL | PHP_INI_SYSTEM |
disable_functions | "" | PHP_INI_SYSTEM |
disable_classes | "" | PHP_INI_SYSTEM |
/ PHP.
UID. , GID, on safe_mode_gid. , UID (FALSE) GID (TRUE) .
, , UID/GID ( , include_path, ).
PHP 4.2.0 , ( windows-), include_path.
, . , "safe_mode_include_dir = /dir/incl" , "/dir/include" "/dir/incls", , . , , : "safe_mode_include_dir = /dir/incl/".
, PHP , system() , .
- . , . , . , , PHP_ (, PHP_FOO=BAR).
: , , !
, , , putenv(). , safe_mode_allowed_env_vars.
, PHP, , .
, , , fopen() gzopen(), . , , PHP . , .
. , , . , chdir().
open_basedir httpd.conf (, ) : "php_admin_value open_basedir none".
Windows- . . , PHP - Apache, open_basedir .
, . , "safe_mode_include_dir = /dir/incl" , "/dir/include" "/dir/incls", , . , , : "safe_mode_include_dir = /dir/incl/".
: 3.0.7.
.
. , . disable_functions , .
php.ini. , , httpd.conf.
. , . disable_classes , .
php.ini. , , httpd.conf.
: , PHP 4.3.2
: register_globals, display_errors, log_errors
, safe_mode on, PHP , , . :
-rw-rw-r-- 1 rasmus rasmus 33 Jul 1 19:20 script.php
-rw-r--r-- 1 root root 1116 May 26 18:01 /etc/passwd
script.php
<?php |
:
Warning: SAFE MODE Restriction in effect. The script whose uid is 500 is not allowed to access /etc/passwd owned by uid 0 in /docroot/script.php on line 2 |
, UID GID. safe_mode_gid. , On, GID. , Off ( ), UID.
safe_mode open_basedir. ( httpd.conf):
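# Confine PHP file functions for scripts served from /docroot to that tree.
# php_admin_value keeps the setting from being overridden in .htaccess or
# through ini_set().
# NOTE(review): depending on the PHP version the value is matched as a string
# prefix, so "/docroot" can also match a sibling such as "/docroot-old"; end
# the value with "/" to name exactly one directory.
# open_basedir only governs PHP's own file functions; it does not constrain
# programs started through system()/exec(), so treat it as a containment aid
# alongside OS-level permissions rather than as a sandbox. Unlike safe_mode
# (removed in PHP 5.4), open_basedir is still available in current PHP.
<Directory /docroot>
    php_admin_value open_basedir /docroot
</Directory>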
script.php open_basedir :
Warning: open_basedir restriction in effect. File is in wrong directory in /docroot/script.php on line 2 |
. , disable_functions php.ini, , , httpd.conf, . php.ini :
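; Disable the listed built-in functions for every script run by this PHP
; installation. php.ini directives use "name = value"; without the "=" the
; line is not read as an assignment to disable_functions.
; This directive is honoured only in php.ini; it cannot be set from httpd.conf.
; It is a denylist: any function not named here stays callable, so combine it
; with open_basedir and file-system permissions instead of relying on it alone.
disable_functions = readfile,system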
:
Warning: readfile() has been disabled for security reasons in /docroot/script.php on line 2 |
, , , .
2. ,
|
, /, , UID (), . |
|
, /, , UID (), . |
|
, /, , UID (), . |
|
, /, , UID (), . |
|
, /, , UID (), . |
|
sql_safe_mode ( safe_mode) |
|
sql_safe_mode ( safe_mode) |
|
sql_safe_mode ( safe_mode) |
|
, /, , UID (), . |
|
, , , UID (), . |
|
the safe_mode_protected_env_vars safe_mode_allowed_env_vars. putenv(). |
|
, /, , UID (), . |
|
, , , UID (), . |
|
. |
|
. |
( backticks) |
. |
|
, , safe_mode_exec_dir. , .. . , escapeshellcmd(). |
|
, , safe_mode_exec_dir. , .. . , escapeshellcmd() |
|
, , safe_mode_exec_dir. , .. . , escapeshellcmd(). |
|
, , safe_mode_exec_dir. , .. . , escapeshellcmd(). |
|
, , , UID (), . |
|
, , , UID (), . |
|
, , , UID (), . |
|
, /, , UID (), . , , , UID (), . |
|
, /, , UID (), . , , , UID (), . |
|
, /, , UID (), . , , , UID (), . ( source target). |
|
, /, , UID (), . |
|
, /, , UID (), . |
|
, /, , UID (), . , UID, SGID sticky-. |
|
, /, , UID (), . , , , UID (), . |
|
, /, , UID (), . , , , UID (), . (: target) |
|
, /, , UID (), . , , , UID (), . (: target) |
|
, , 'authorization' ( ), . |
|
, UID realm- WWW-Authenticate, ( HTTP-) |
|
, PHP_AUTH_USER, PHP_AUTH_PW, AUTH_TYPE $_SERVER. , REMOTE_USER . (: PHP 4.3.0 ) |
|
, /, , UID (), . , , , UID (), . (: PHP 4.2.1 ) |
|
, /, , UID (), . , , , UID (), . (: PHP 4.2.1 ) |
|
, |
|
, |
|
. (: PHP 4.2.3 ) |
|