Sandbox? I have been forced to create a PHP application that needs to execute code snippets from untrusted users inside it, and to do it as securely as possible. I see it is not possible for some security reasons (db connections, resources etc.). So I suggest adding a simple sandbox capability to the PHP language that helps avoid security risks in situations where executing 3rd-party code inside some application is needed.

I suggest that code which is run inside a sandbox will have no way to access resources (open files, db connections etc.) from outside the sandbox, will have limited (i.e. strictly defined) access to the current global and local scope variables, and maybe other security checks too. I suggest having the following things:

  Create_sandbox($path,$global_read,$global_write,$scope_read,$scope_write,$resource_available)
    Defines a sandbox and sets its parameters. The parameters of the sandbox describe what from outside the sandbox will be available inside:
      $path               = where in the filesystem code inside the sandbox can read/write/include other files
      $global_read        = list of global variables that are readable inside the sandbox
      $global_write       = list of global variables that are writable inside the sandbox
      $scope_read         = like $global_read, but for the current scope
      $scope_write        = ......
      $resource_available = list of opened resources that are available inside the sandbox
    Returns $sandbox_id, or false on failure.

  sandbox_eval($sandbox_id,$code)       like eval, but inside the sandbox.
  sandbox_include($sandbox_id,$path)    like include, but inside the sandbox.
  sandbox_close($sandbox_id)            closes and destroys the sandbox.

I think it should work like this:

  <?
  .
  .
  // do something
  .
  .
  // define sandbox here
  $sandbox_id = Create_sandbox($path,$global_read,$global_write,$scope_read,$scope_write,$resource_available);
  .
  .
  .
  // do something
  .
  .
  // here I need to use the previously defined sandbox
  sandbox_eval($sandbox_id,$code);
  .
  .
  // do something
  .
  .
  .
  // here I need to execute other code inside the same sandbox
  sandbox_include($sandbox_id,$path);
  .
  .
  .
  // do something
  .
  .
  // end of script, so the sandbox is closed
  sandbox_close($sandbox_id);
  ?>

I think the suggested things add simple-to-use, but yet secure and flexible, capabilities for executing "not so trusted" third-party code inside any PHP application. It may add several benefits for general PHP security too. What do you think?

PS: Excuse my bad language, English is not my native.
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
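The post above asks for an in-process sandbox that PHP does not have. The following is an added example (not code from the original post, from the poster, or from PHP itself) of the isolation a practitioner can build today for the same problem: the untrusted snippet runs in a separate php-cli process with a restricted ini profile (open_basedir limited to one directory, shell/process/network helpers in disable_functions, remote includes off), an empty environment so host credentials are not inherited, a memory cap and a wall-clock limit enforced by the parent. Assumptions: PHP 8 or later, PHP_BINARY points at a usable php executable (true under php-cli), and the function name run_untrusted_php() and its parameters are chosen here, not taken from any library. The caveat a practitioner wants: open_basedir and disable_functions are configuration, not a hardened boundary, so the child should additionally run as a dedicated unprivileged user or inside a container; that OS-level part is outside this snippet.

```php
<?php
// Added example: run an untrusted PHP snippet in a separate php-cli process.
// run_untrusted_php() is a hypothetical helper written for this illustration.

function run_untrusted_php(string $code, string $workDir, float $timeoutSec = 2.0): array
{
    // ini profile for the child: only $workDir is reachable through filesystem functions,
    // and the process/shell/network helpers are disabled.
    $ini = [
        'open_basedir'       => $workDir,
        'disable_functions'  => implode(',', [
            'exec', 'shell_exec', 'system', 'passthru', 'popen', 'proc_open', 'pcntl_exec',
            'dl', 'putenv', 'mail', 'fsockopen', 'stream_socket_client', 'curl_init', 'curl_exec',
        ]),
        'allow_url_fopen'    => '0',
        'allow_url_include'  => '0',
        'memory_limit'       => '32M',
        'max_execution_time' => (string) max(1, (int) ceil($timeoutSec)), // CPU-time cap only
        'display_errors'     => 'stderr',
    ];
    // -n ignores every php.ini, so the child gets exactly this profile and nothing from the host
    // configuration (no auto_prepend_file, no extra extensions' settings).
    $cmd = [PHP_BINARY, '-n'];
    foreach ($ini as $key => $value) {
        $cmd[] = '-d';
        $cmd[] = "$key=$value";
    }
    // No script argument: php reads the program from stdin, so the snippet never touches disk.
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open($cmd, $spec, $pipes, $workDir, []); // [] = empty environment for the child
    if (!is_resource($proc)) {
        return ['exit' => -1, 'stdout' => '', 'stderr' => 'could not start php', 'timed_out' => false];
    }
    fwrite($pipes[0], str_starts_with(ltrim($code), '<?') ? $code : "<?php\n" . $code);
    fclose($pipes[0]);
    stream_set_blocking($pipes[1], false);
    stream_set_blocking($pipes[2], false);

    $out = $err = '';
    $exit = null;
    $timedOut = false;
    $deadline = microtime(true) + $timeoutSec;
    while (true) {
        $status = proc_get_status($proc);
        if (!$status['running'] && $exit === null) {
            $exit = $status['exitcode']; // only the first call after exit reports the real code
        }
        $remaining = $deadline - microtime(true);
        if ($status['running'] && $remaining <= 0) {
            proc_terminate($proc, 9); // SIGKILL on wall-clock overrun (sleep() is not CPU time)
            $timedOut = true;
            $exit = -1;
            break;
        }
        $read = [$pipes[1], $pipes[2]];
        $w = $e = null;
        $usec = (int) (max(0.0, min($remaining, 0.1)) * 1e6);
        if (stream_select($read, $w, $e, 0, $usec) > 0) {
            foreach ($read as $s) {
                $chunk = fread($s, 8192);
                if ($chunk !== false && $chunk !== '') {
                    if ($s === $pipes[1]) { $out .= $chunk; } else { $err .= $chunk; }
                }
            }
        }
        // Stop once the child has exited and both pipes are drained (or the deadline passed).
        if (!$status['running'] && ($remaining <= 0 || (feof($pipes[1]) && feof($pipes[2])))) {
            break;
        }
    }
    fclose($pipes[1]);
    fclose($pipes[2]);
    $closeCode = proc_close($proc);
    return ['exit' => $exit ?? $closeCode, 'stdout' => $out, 'stderr' => $err, 'timed_out' => $timedOut];
}

// Constructed snippets for the demo: one benign, three probing the restrictions.
$dir = sys_get_temp_dir() . '/sandbox-' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
$snippets = [
    'ok'     => 'echo strtoupper("hello from the sandbox");',
    'escape' => 'var_dump(@file_get_contents("/etc/passwd"));', // open_basedir: prints bool(false)
    'shell'  => 'system("id");',                                // disabled function: fatal error
    'hang'   => 'sleep(10);',                                   // killed by the wall-clock limit
];
foreach ($snippets as $name => $code) {
    $r = run_untrusted_php($code, $dir, 1.0);
    printf("%-6s exit=%d timed_out=%s stdout=%s stderr=%s\n", $name, $r['exit'],
        var_export($r['timed_out'], true), json_encode($r['stdout']), json_encode(trim($r['stderr'])));
}
rmdir($dir);
```

The ini list maps onto the post's $path (open_basedir) and $resource_available (nothing is inherited, because the child is a fresh process with an empty environment); the $global_read/$scope_read idea has no equivalent here, since data must be passed explicitly through stdin and results read back from stdout, which is exactly the property that makes the separation hold.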