On 26 Mar 2012, at 17:41, Alex Pojarsky wrote:

> Now, as the issue addressed and script removed, can you please explain
> what exactly are the issues of using such approach? I mean security
> ones, not performance.

It's the wrong solution to a process and organisation problem. Ultimately it's 
not really a problem IF you control every part of the infrastructure. Rene 
clearly doesn't so it has implications for everyone sharing that 
infrastructure, and anyone using the applications hosted there.

* It requires the host to enable allow_url_fopen which means every single 
script on the server is then able to include/require URLs. It just needs one of 
them to have a related vulnerability and suddenly people can execute arbitrary 
PHP code on the server.

* Rene mentioned that the code is open source. This implies that the security 
risk is lessened because the code that is being made publicly accessible is 
already publicly accessible, so the opportunity for someone to find 
vulnerabilities already exists. It gets an order of magnitude worse if other 
people start ignorantly using his code because they're essentially giving him 
the ability to execute arbitrary PHP code on their server. Not good no matter 
how much he protests that he won't "be evil."

* You specifically wished to exclude performance from the discussion, but 
scalability is potentially a big issue here and should not be completely 
ignored.

I think the real issue for Rene is that of perceived complexity. The idea of 
having to manually keep many copies of the same code in sync is what leads to 
finding solutions like this one. This solution leads to unnecessary network 
traffic and introduces potential security risks that go way beyond your own 
code, and even if it's not a big issue now it has the potential to become 
catastrophic!

I'd put a fair amount of cash on my guess that Rene is not using any form of 
source control. To me that is the best solution to this problem. Curtis 
mentioned rsync which will also do the job, but in my view you're nuts if 
you're not using some form of source control already, and building a largely 
automated process around that is trivial and automatically audited.

Rene: please read a book / website / something on PHP security. Some things are 
important whether you believe they are or not.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
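
As an added illustration (not code from the thread or its participants), a small Python audit for the risk raised in the first bullet: it reports which URL-wrapper directives a php.ini switches on, and which include/require statements take a literal URL or a variable. The ini fragment, the PHP snippet and the example.org host are constructed samples; allow_url_include is the related directive in PHP 5.2 and later and is checked alongside allow_url_fopen.

```python
import re

# Directives that control whether PHP stream wrappers may fetch URLs.
URL_DIRECTIVES = ("allow_url_fopen", "allow_url_include")
ON_VALUES = {"1", "on", "yes", "true"}
INI_LINE = re.compile(r'^[ \t]*([A-Za-z_.]+)[ \t]*=[ \t]*"?([^";\s]*)"?', re.M)
# include/require (optionally _once) and its argument up to the semicolon.
INCLUDE_STMT = re.compile(
    r"\b(include|require)(_once)?\b\s*\(?\s*(.+?)\s*\)?\s*;", re.I)
URL_LITERAL = re.compile(r"^['\"](https?|ftp)://", re.I)

# Constructed samples, not taken from the thread.
SAMPLE_INI = """; constructed php.ini fragment
allow_url_fopen = On
allow_url_include = Off
;allow_url_include = On
"""
SAMPLE_PHP = """<?php
require_once(__DIR__ . '/lib/db.php');
include 'http://code.example.org/lib/common.php';
include $_GET['page'] . '.php';
// include 'http://code.example.org/old.php';
"""

def enabled_url_directives(ini_text):
    """Return the URL-related directives that the ini text switches on."""
    state = {}
    for name, value in INI_LINE.findall(ini_text):
        if name.lower() in URL_DIRECTIVES:
            state[name.lower()] = value.lower() in ON_VALUES  # last wins
    return sorted(name for name, on in state.items() if on)

def find_remote_includes(php_source):
    """Return (line_no, kind, statement) for includes worth reviewing.

    kind is 'url' for a literal URL argument and 'dynamic' when the
    argument contains a variable, so the path is decided at run time.
    """
    findings = []
    for line_no, line in enumerate(php_source.splitlines(), 1):
        stripped = line.strip()
        if stripped.startswith(("//", "#", "*", "/*")):
            continue  # whole-line comment
        match = INCLUDE_STMT.search(stripped)
        if not match:
            continue
        arg = match.group(3)
        if URL_LITERAL.match(arg):
            findings.append((line_no, "url", stripped))
        elif "$" in arg:
            findings.append((line_no, "dynamic", stripped))
    return findings
```

The scan is line-based and regex-driven, so it is a review aid for a shared host's code base rather than a full PHP parser.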
