
Sandboxing PHP Phar files

I am making an application that has the ability to run plugins. Now I wish to sandbox these plugins to only be able to run in their own environment (not able to access files from the installation) and not be able to access configuration settings (such as the database password, which are defined by 'define' variables).

What should I use to sandbox my phar plugins?

There are 3 basic ways to add sandboxing functionality to your application.

  1. Use a new PHP process execution environment and use the OS's security mechanisms to create a sandbox. Communication between the application process and the sandboxed process would use some network protocol (as the OS sandboxing would limit IPC and/or pipe communication). Examples would include chroot environment or docker plus zeromq.

  2. Use a new PHP process and a PHP extension to enable security features like limiting includes and network functionality. Examples include suhosin, suPHP, (to a lesser extent) forking and exec().

  3. Use your existing application process and a PHP extension to enable and then disable secure features before and after executing plugin code. Examples include suhosin.

The 3rd option seems to be the easiest, yet weakest, solution because anything that you could turn on with suhosin a malicious plugin could probably turn off.

You must list the requirements of your sandbox, like disallowing environment variables, restricting include paths, restricting network connectivity and restricting database connectivity, then make trade-offs with complexity of the solution and the priority of the desired features.

It sounds like you are already executing the PHAR files in a new process from your application. If you are doing something like "exec('php ./plugin.phar')" you are limited to changing the user, unless your main application is running as root. You could have some sort of plugin manager process constantly running as root and using exec to switch users while executing the external phar plugin, but that wouldn't limit the FS access.
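As an added example that is not part of the question or the answer above: one way to implement the "new PHP process" approach without relying on a security extension, using PHP's own open_basedir and disable_functions directives when launching the plugin phar from the host application. The plugin path, the work directory and the JSON-over-stdin convention are assumptions; the array form of proc_open requires PHP 7.4 or newer.

```php
<?php
// Added example (not from the original question or answer): run a plugin phar in a
// separate PHP process with built-in ini restrictions. Paths are placeholders.
declare(strict_types=1);

function runPluginSandboxed(string $pharPath, string $workDir, array $input, int $timeoutSec = 5): array
{
    $pluginDir = dirname(realpath($pharPath));
    if (!is_dir($workDir) && !mkdir($workDir, 0700, true)) {
        throw new RuntimeException("cannot create work dir $workDir");
    }
    // The child may only touch its own directory and the scratch directory, so the
    // host installation (including the file that holds the define()d DB password)
    // is out of reach. Process-spawning and env-manipulating functions are disabled.
    $args = [
        PHP_BINARY,                         // same interpreter as the host application
        '-n',                               // ignore the host php.ini (and its loaded extensions)
        '-d', 'open_basedir=' . $pluginDir . PATH_SEPARATOR . $workDir,
        '-d', 'disable_functions=exec,passthru,shell_exec,system,proc_open,popen,putenv,dl,pcntl_exec',
        '-d', 'allow_url_fopen=0',
        '-d', 'allow_url_include=0',
        '-d', 'memory_limit=64M',
        '-d', 'max_execution_time=' . $timeoutSec,
        $pharPath,
    ];
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    // Empty environment: nothing from the host's env reaches the plugin, and constants
    // created with define() in the host are never visible to a new process anyway.
    $proc = proc_open($args, $spec, $pipes, $workDir, []);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start plugin process');
    }
    fwrite($pipes[0], json_encode($input));   // the plugin reads its input from stdin
    fclose($pipes[0]);
    $out = stream_get_contents($pipes[1]);    // the plugin answers with JSON on stdout
    $err = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    $code = proc_close($proc);
    $result = json_decode($out, true);
    return ['exit' => $code, 'result' => is_array($result) ? $result : null, 'stderr' => $err];
}

// Constructed usage: plugin location and work directory are placeholders.
print_r(runPluginSandboxed('/srv/app/plugins/example.phar', sys_get_temp_dir() . '/plugin-work', ['action' => 'hello']));
```

open_basedir and disable_functions are defence in depth, not a hard boundary; for plugins you do not trust, combine this launcher with the OS-level isolation (chroot, docker, a separate user) that option 1 in the answer describes.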
