----- Original Message -----
From: "Wez Furlong" <[EMAIL PROTECTED]>
To: "Christian Schneider" <[EMAIL PROTECTED]>; "ing.Martin Prásek" <[EMAIL PROTECTED]>
Cc: "Lukas Smith" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: 21 December 2003 22:33
Subject: Re: [PHP-DEV] Extending PHP with sandbox capability ?

> A real sandbox mechanism is not likely to be implemented, at least,
> not for a very long time.
>
> Having needed something like this myself for a commercial project
> in the past, I settled on a "user-space sandbox" using the tokenizer
> extension to parse the code and filter out unsafe functions, rewrite
> "new" statements to prevent instantiation of certain classes, rewrite
> access to global variables and so on.

I know, there are probably some ways to do that, but it required a lot of effort and they are far, far from being simple and effective.

You can, for example, do it like this: create on the fly an appropriate, very restrictive php.ini file (safe mode, a lot of things disabled etc.), then call (via backtick, for example) the CLI version of PHP, feed it with the restrictive ini settings, serialized variables and the untrusted code, and then grab its output. It will probably work and will probably be secure enough if well designed, but it adds _a lot of overhead_....

I think PHP should have the simplest ways of sandboxing code, without the need to build a circus tent with bears, lions and even clowns for this.

Maybe in my originally proposed function, Create_Sandbox(), adding a list of new ini settings for the sandboxed code and/or a list of enabled/disabled PHP modules and functions will do this job. So the application designer can set the .ini parameters and enabled PHP modules that he will allow for use inside a sandbox. I think this should be secure enough, especially with the recommended approach "disable everything, enable ONLY the things you need".

But I do not know how much work and time it can take to add the ability to temporarily disable certain modules or functions "on the fly", or temporarily change .ini settings and temporarily start a secure mode, for integrating into the Zend engine.

PS: Excuse my bad English, it is not my native language.

Martin Prásek aka NTPT.

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
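
The separate-process approach described in the message above (restrictive ini settings, CLI PHP, serialized variables in, output back), as an added example that is not code from the thread or from the PHP project. Safe mode was removed in PHP 5.4, so this sketch relies on `disable_functions` and `open_basedir` instead; `run_sandboxed()`, the ini values and the sample input are assumptions.

```php
<?php
// Added illustration, not code from the thread. run_sandboxed() and the ini
// values below are assumptions; needs PHP >= 7.4 on a Unix-like host.
function run_sandboxed(string $code, array $vars, int $timeout = 5): array
{
    $dir = sys_get_temp_dir() . '/sbx_' . bin2hex(random_bytes(8));
    mkdir($dir, 0700);
    $dir = realpath($dir);
    // Prologue rebuilds the caller's variables from stdin; objects are refused.
    $prologue = '<?php extract(unserialize(stream_get_contents(STDIN),'
              . ' ["allowed_classes" => false]), EXTR_SKIP); ?>';
    file_put_contents("$dir/untrusted.php", $prologue . $code);

    $cmd = [PHP_BINARY, '-n',               // -n: ignore the host's php.ini
        '-d', 'disable_functions=exec,passthru,shell_exec,system,proc_open,'
            . 'popen,mail,putenv,dl,fsockopen,stream_socket_client',
        '-d', "open_basedir=$dir",          // file access confined to $dir
        '-d', 'allow_url_fopen=0',
        '-d', 'memory_limit=32M',
        "$dir/untrusted.php"];
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['file', '/dev/null', 'w']];
    // Array command: no shell is involved. Empty env: nothing inherited.
    $proc = proc_open($cmd, $spec, $pipes, $dir, []);
    if (!is_resource($proc)) throw new RuntimeException('cannot start php');
    fwrite($pipes[0], serialize($vars));
    fclose($pipes[0]);
    stream_set_blocking($pipes[1], false);

    $out = '';
    $timedOut = false;
    $deadline = microtime(true) + $timeout;
    do {                                    // poll so a busy loop cannot hang us
        usleep(20000);
        $out .= (string) stream_get_contents($pipes[1]);
        $status = proc_get_status($proc);
        if ($status['running'] && microtime(true) > $deadline) {
            proc_terminate($proc, 9);       // SIGKILL
            $timedOut = true;
        }
    } while ($status['running'] && !$timedOut);
    $out .= (string) stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    array_map('unlink', glob("$dir/*"));    // best-effort cleanup
    @rmdir($dir);
    return ['output' => $out, 'timed_out' => $timedOut,
            'exit' => $timedOut ? -1 : $status['exitcode']];
}

// Constructed sample: the snippet may read $name; system() is disabled.
var_dump(run_sandboxed('<?php echo "hi $name\n"; system("id");', ['name' => 'NTPT']));
```

The ini restrictions only limit what the PHP runtime exposes; the child still runs with the parent's OS privileges, so running it as an unprivileged user or in a container covers what `disable_functions` cannot.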