
How can my php script tell if suhosin changed request variables?

I've been testing security for some php scripts and have found that, among other things, suhosin strips away a posted variable that is huge... this is fine and desirable, but I'd like for my script to be able to tell that suhosin changed the request.

Does suhosin leave any fingerprints to indicate that some action was taken -- in a way that the script can detect? I'm guessing it can't trigger something like an E_USER_WARNING, because that would be thrown before the script is running and could catch it. Maybe an environment or special global variable?

I tried a few approaches myself, but didn't see anything... perhaps suhosin needs to be configured to do this? I find the suhosin documentation to be, um, difficult to understand.

Suhosin's input filter is designed to filter out potentially dangerous payloads, e.g. requests that are too big, transparently. If a script were able to detect this filter and change its program flow based on this information, it would be much easier for an attacker to circumvent the filter.

As a recommendation, filter limits should be set as strict as possible, but as broad as necessary. Your script is supposed to run without being able to detect Suhosin's presence.

Yes, it does; not fingerprinting, but logging: Suhosin logging configuration
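
Following the logging approach from the answer above, here is an added example (not part of either answer, and not Suhosin's own code) that pulls dropped-variable events out of a log so you can see which scripts hit the filter limits. The log line layout, the sample lines and the function names are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample lines. The layout (ALERT - <reason> - dropped variable
# '<name>' (attacker '<ip>', file '<script>')) is an assumption about the
# Suhosin log format; adjust the pattern to match your own log.
SAMPLE_LOG = """\
Mar  3 10:15:02 web1 suhosin[2211]: ALERT - configured POST variable value length limit exceeded - dropped variable 'comment' (attacker '203.0.113.7', file '/var/www/app/post.php')
Mar  3 10:15:09 web1 suhosin[2211]: ALERT - configured request variable name length limit exceeded - dropped variable 'aaaaaaaa' (attacker '203.0.113.7', file '/var/www/app/post.php')
Mar  3 10:16:40 web1 sshd[901]: Accepted publickey for deploy from 198.51.100.4
Mar  3 10:17:12 web1 suhosin[2230]: ALERT - configured GET variable limit exceeded - dropped variable 'p[]' (attacker '198.51.100.23', file '/var/www/app/search.php')
"""

# Named groups: why the variable was dropped, its name, the client address
# and the PHP script that was handling the request.
DROP_RE = re.compile(
    r"suhosin\[\d+\]: ALERT - (?P<reason>.+?) - dropped variable "
    r"'(?P<variable>.*?)' \(attacker '(?P<attacker>[^']*)', "
    r"file '(?P<script>[^']*)'"
)


def parse_drops(log_text):
    """Return one dict per log line that records a dropped request variable."""
    events = []
    for line in log_text.splitlines():
        match = DROP_RE.search(line)
        if match:
            events.append(match.groupdict())
    return events


def drops_per_script(events):
    """Count dropped variables per PHP script, to show where limits bite."""
    return Counter(event["script"] for event in events)


if __name__ == "__main__":
    events = parse_drops(SAMPLE_LOG)
    for event in events:
        print(f"{event['script']}: {event['variable']!r} dropped ({event['reason']})")
    for script, count in drops_per_script(events).most_common():
        print(f"{count:3d}  {script}")
```

Run out of band against the real log, this shows whether legitimate requests are being truncated, which is the signal for tuning limits "as strict as possible, but as broad as necessary".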

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address. Any question please contact: yoyou2525@163.com.

 