----- Original Message -----
From: "Christian Schneider" <[EMAIL PROTECTED]>
To: "Lukas Smith" <[EMAIL PROTECTED]>
Cc: "'ing.Martin Prášek'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: December 20, 2003 19:28
Subject: Re: [PHP-DEV] Extending PHP with sandbox capability ?


> Lukas Smith wrote:
> >>Sandbox ?
> 
> This would have to be done _very_ carefully to not leave a backdoor 
> open. PHP offers oh so many ways of accessing the system.
> 
> I guess one'd have to start with safe_mode with quite some functions 
> disabled and go from there. But...

Safe mode is useful, but it is not what I need. Correct me if I am wrong, but I think safe 
mode cannot be started in the middle of the script and then disabled again, so for 
creating a sandbox it is completely useless.


> 
> > BTW: if PHP wants to be the ultimate template engine it needs such a
> 
> Maybe it's easier (and safer too) to not eval PHP code from external 
> sources.

Know that, but when you _need_ it?


> You'd also have to make sure the output of their code is valid 
> (X)HTML or they could render your whole site invalid (think closing 
> table they didn't open, inserting javascript code and the like).

PHP5 has integrated tidy, so let this (X)HTML check be done by the application 
designer, not by the sandbox itself.

> that's already hard enough as it is. Allowing them to submit SQL queries 
> for example opens up a whole new can of worms.

Definitely not. Because you have no access to resources from inside of the 
sandbox, you cannot use established db connections, opened files, shm and so on. 
Code inside the sandbox needs to connect to the SQL database before any SQL can be used. If 
code inside the sandbox connects to the database as another user (or better, to another 
database), there is a very simple way: just using proper SQL GRANT/REVOKE by the application 
designer, and it keeps vital data completely out of reach of sandboxed code. I see no 
problems here.

> 
> I guess a sandbox model is something to be thought about for PHP6 ;-)
> 
> - Chris
>

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
