Problem with MySQL Using Hardened PHP5

Wed, 06 Dec 2006 08:02:26 -0800 

Hey All,
I am attempting to use the hardened php5 pkg (php5-core-5.1.4p1-hardened) set and am seeing weird problems with mysql/php. It simply and quietly stops processing a script that performs moderately heavy SQL inserts. No error messages, no logs, nothing! Going back to the regular (unhardened) set completely solves the problem. 


Since there is little to no documentation (that I've been able to find) 
on the mysql to php integration, configuration, or logging that is 
specific to the hardened patch, I'm left with few options in 
troubleshooting the issue. What's frustrating is the lack of messages or 
errors. I know that I have at least some logging in place in that I've 
been able to generate a hphp error in my syslog by exceeding GET 
parameter values, but I'm getting nothing in the logs when the mysql 
problem occurs.


Does anyone have any clues or suggestions on this?


The pkg maintainer has ignored my e-mails, so I'm hoping the list can 
offer some pointers.


Thanx,
Chuck


The following is a synopsis of my system:

OpenBSD 4.0 on amd64 with a custom kernel to support Raidframe.

I'm using the binary packages

PHP5 pkgs used:
-------------------
php5-core-5.1.4p1-hardened
php5-curl-5.1.4-hardened
php5-gd-5.1.4-hardened
php5-mcrypt-5.1.4-hardened
php5-mhash-5.1.4-hardened
php5-mysql-5.1.4-hardened
php5-soap-5.1.4-hardened


hphp specific settings in PHP.ini
---------------------------------
hphp.log.syslog = S_ALL
hphp.log.syslog.priority = LOG_ALERT
hphp.log.syslog.facility = LOG_USER
hphp.executor.max_depth = 8000
hphp.request.max_vars = 2000
hphp.request.max_varname_length = 64
hphp.request.max_totalname_length = 256
hphp.request.max_array_index_length = 64
hphp.request.max_array_depth = 100
hphp.request.max_value_length = 65000
hphp.request.disallow_nul = 1
hphp.cookie.max_vars = 100
hphp.cookie.max_name_length = 64
hphp.cookie.max_totalname_length = 256
hphp.cookie.max_array_index_length = 64
hphp.cookie.max_array_depth = 100
hphp.cookie.max_value_length = 10000
hphp.cookie.disallow_nul = 1
hphp.get.max_vars = 100
hphp.get.max_name_length = 64
hphp.get.max_totalname_length = 256
hphp.get.max_array_index_length = 64
hphp.get.max_array_depth = 50
hphp.get.max_value_length = 512
hphp.get.disallow_nul = 1
hphp.post.max_vars = 600
hphp.post.max_name_length = 64
hphp.post.max_totalname_length = 256
hphp.post.max_array_index_length = 64
hphp.post.max_array_depth = 100
hphp.post.max_value_length = 65000
hphp.post.disallow_nul = 1
hphp.upload.max_uploads = 25
hphp.upload.disallow_elf_files = On

Other
-----------------
Added kern.maxfiles=4096 to /etc/sysctl.conf
Added --open-files-limit=2048 to /etc/mysql.server exec line




--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.9/573 - Release Date: 12/5/2006























					Reply via email to