Hi,

Short story
I need to patch PHP to allow me to override all file operations done
from PHP scripts. I need this to do some extended access control on the
files in the environment where PHP will be running. Looking for hints on
wise places to put this functionality.

Longer story
I am currently working on a project to integrate the use of PHP into an
existing web application framework (written in Java). This application
framework uses a more advanced file security model than that of
standard UNIX permissions (actually, it makes use of WebDAV/ACLs 
internally, for published resources).

I need to make some kind of hook in the PHP source code, which enables
me to "override"/control all file operations, so that I can validate
them against the ACLs defined for the files in the application
framework. I then need to be able to deny/allow the file-operation after
checking this. (Users publishing PHP scripts should, of course, not be
able to completely bypass the ACL permissions with the use of fopen's,
includes, etc. from their scripts.) The UNIX permissions are of no help,
since all published files are owned by the WebDAV server process owner 
(not the same as the PHP process owner).

PHP will be running with safe_mode enabled (probably invoked via
FastCGI) and with a generally very restrictive configuration. The aim is
to only provide a basic way for users to publish PHP-generated pages, in
addition to other common resources (xml/html etc.)

I am currently playing with the PHP 4.3.7 source code (testing as CGI
under Apache 1.3.31). After reading through parts of it (hopefully the
parts relevant to my task, including important ones like php.h, zend.h,
zend_API.h, TSRM.h), I have implemented a simple test in

main/safe_mode.c: php_checkuid()

This seems to catch all the file operations made from my testing scripts
when safe_mode is enabled (safe_mode_gid="0"). I am able to
conditionally deny access by returning 1 from the function mentioned
above. My preliminary plan is therefore to use this as my entry point
for the extended file access checks. It is important that I can be
certain that `php_checkuid()' in safe_mode.c will catch all possible
file operation scenarios from PHP-scripts (assuming PHP is configured
properly). Is this a good place to put this?

I have also looked in other files:
main/fopen_wrappers.c
main/streams.c
ext/standard/php_fopen*
ext/standard/file*

As you might understand, I am looking for the best place to implement
all of this, with the ability to cleanly deny access (with standard PHP
error message/exception handling, preferably). My experience with the
PHP source is quite limited at the moment, but the scope of this project
is solely concerned with file access operations and security.

If anyone can comment on or provide some hints on this, URLs etc., it
would be greatly appreciated.

Thank you.

Regards,
Øyvind S.

-- 
< Øyvind Stegard <[EMAIL PROTECTED]>
 < USIT, University of Oslo

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
