
PHP safemode alternative

Safe Mode is deprecated as of 5.3.0. I have never really required it and rather found it problematic many times in the past due to permission errors, etc.

However, I now have a requirement where I think safe mode would have done great.

I have built a web application which is extensible via modules. I plan on hosting the system myself and allowing paying customers to extend their software by implementing and writing modules which hook into the various parts of the system.

My concern is, by doing so, I have no way of ensuring the code they uploaded is not scanning the foundation/framework I have spent literally years designing and testing. Keeping the code proprietary is of great interest to me.

  1. I write a module analysis tool to ensure no illegal methods are being invoked in third party modules - not easy!!!

  2. I disable harmful functions at the php.ini level but this includes fopen() and its ilk - this means the framework won't be able to call its own include() operations and such.

  3. Lastly and sadly obsolete, safe mode to restrict user modules from being able to read files which do not share the same ID, group, etc.

What is the recommended approach to such a thing? Short of manually reviewing or auto-analysing each module before being executed in the context of my framework?

Instead of safemode, you can use php-fpm with chroot, per user permissions in mod_ruid and php-fpm, and opendir restriction in php. This way, you can make it much more strict than safe mode could ever.

Personally, I would recommend php-fpm with chroot and disabling system functions like exec and system. Those are evil anyway.
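A per-customer php-fpm pool along the lines this answer describes, as an added example that is not part of the original answers. The pool name, account, directory layout, pool file location and the www-data web server user are assumptions for illustration.

```ini
; Constructed pool file, e.g. /etc/php/7.0/fpm/pool.d/customer1.conf
; (file location, pool name, account and paths are assumptions).
[customer1]

; Run this customer's PHP workers as their own unprivileged account,
; so ordinary file permissions separate customers from each other.
user = customer1
group = customer1

; The socket is created by the FPM master before the workers chroot,
; so this is a path on the real filesystem.
listen = /run/php/customer1.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660

; Workers chroot here at startup. Every path below this line is
; interpreted relative to the new root.
chroot = /srv/jail/customer1
chdir = /app

; php_admin_value settings cannot be changed by ini_set() in module code.
php_admin_value[open_basedir] = /app/:/tmp/

; In FPM this list is appended to any disable_functions already in php.ini.
php_admin_value[disable_functions] = exec,system,passthru,shell_exec,popen,proc_open

; Keep the number of workers per customer small and bounded.
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 30s
```

With chroot set, the web server has to pass SCRIPT_FILENAME as the path seen inside the jail (here under /app), not the host path.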

I got around safe mode by using open_basedir in /etc/php/7.0/fpm/php.ini.

It's a good thing that safe_mode is being removed. It's a false sense of security, and there have been many ways to bypass it.

A better approach is to use suphp to run your application as a jailed user. This uses the security of the operating system to protect your application. Instead of banning exec() and system(), you run your php code as an account that doesn't have access to a shell. Instead of banning fopen() you remove write privileges from everything owned by that user (chmod 500 -R /). Or go a step further and run your application within a chroot.
