Hi,

On Sun, 25 Jul 2004 11:12:26 -0400 (EDT)
Adam Maccabee Trachtenberg <[EMAIL PROTECTED]> wrote:

> > If nobody wants to give an answer to the above, my question would still be:
> > Is there any way restricting people from retrieving file names (where
> > open_basedir and safe_mode obviously won't help), besides adding glob to
> > disable_functions in php.ini?
> Why don't you set display_errors to Off? Or am I missing something?

I'm not that concerned about myself being able to locate files on my own
system :) I'm more concerned that users in a shared environment (as in
most webhosting facilities) would be able to get file names they
shouldn't have access to.

display_errors is changeable by PHP_INI_ALL, meaning that users would be
able to turn warnings on. Still, I wouldn't like a solution where users
wouldn't have access to warnings, just because of this.

I would hope for a global change (like changing the behaviour of glob())
making sure that users in a shared environment really are restricted by
safe_mode and open_basedir. I see several behaviours of glob() allowing
users to bypass other security measures.

As mentioned in bug #28932 I would think that glob() should behave the
same way as opendir(). As it is now, errors would regard the files
globbed and not the directory itself. If it behaved like opendir(), we
would get rid of the following issues:

- glob() checks UID of directory *or* first file, instead of just
directory. First file-check makes no sense (1)
- No "file walking" would be possible (as glob() returns false instead
of raising a warning if no file is matched) (2a)
- File names wouldn't be disclosed (2b)

-- 
- Peter Brodersen
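As an added illustration (not part of the thread, and not PHP's own implementation), this is what the opendir()-style behaviour proposed above looks like in userland: the directory is checked once against an allowed base, and file names are matched with fnmatch() so no per-file warning is ever raised. The function name and the $base argument are assumptions.

```php
<?php
// Added example, not from the original thread. Emulates the behaviour the
// mail asks glob() to adopt: fail on the directory, never on individual
// files, so a non-matching pattern disclose no names via warnings.
// $base is an assumed "allowed root" (e.g. the user's open_basedir).
function restricted_glob(string $base, string $dir, string $pattern)
{
    $realBase = realpath($base);
    $realDir  = realpath($dir);

    // Compare with a trailing separator so "/home/user1" does not
    // accidentally accept "/home/user10".
    if ($realBase === false || $realDir === false
        || strncmp($realDir . DIRECTORY_SEPARATOR,
                   $realBase . DIRECTORY_SEPARATOR,
                   strlen($realBase) + 1) !== 0) {
        return false;   // outside the allowed base: one answer, no details
    }

    // Same single check opendir() performs; nothing about files yet.
    $handle = @opendir($realDir);
    if ($handle === false) {
        return false;
    }

    $matches = [];
    while (($entry = readdir($handle)) !== false) {
        if ($entry === '.' || $entry === '..') {
            continue;
        }
        // fnmatch() gives glob-style wildcards without touching the files.
        if (fnmatch($pattern, $entry)) {
            $matches[] = $realDir . DIRECTORY_SEPARATOR . $entry;
        }
    }
    closedir($handle);
    sort($matches);

    // Empty array on "no match", like an empty directory listing;
    // false is reserved for the directory check failing.
    return $matches;
}

// Constructed usage: list only *.php files below the caller's own tree.
var_dump(restricted_glob('/home/user1', '/home/user1/public_html', '*.php'));
```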

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
