
PHP safemode alternative

Safe Mode is deprecated as of 5.3.0. I have never really required it and rather found it problematic many times in the past due to permission errors, etc.

However I now have a requirement where I think safe mode would have done great.

I have built a web application which is extensible via modules. I plan on hosting the system myself and allowing paying customers to extend their software by implementing and writing modules which hook into the various parts of the system.

My concern is, by doing so, I have no way of ensuring the code they uploaded is not scanning the foundation/framework I have spent literally years designing and testing. Keeping the code proprietary is of great interest to me.

  1. I write a module analysis tool to ensure no illegal methods are being invoked in third party modules - not easy!!!

  2. I disable harmful functions at the php.ini level, but this includes fopen() and its ilk - this means the framework won't be able to call its own include() operations and such.

  3. Lastly and sadly obsolete, safe mode to restrict user modules from being able to read files which do not share the same ID, group, etc.

What is the recommended approach to such a thing? Short of manually reviewing or auto-analysing each module before being executed in the context of my framework?

Instead of safemode, you can use php-fpm with chroot, per-user permissions in mod_ruid and php-fpm, and opendir restriction in php. This way, you can make it much more strict than safe mode ever could.

Personally, I would recommend php-fpm with chroot and disabling system functions like exec and system. Those are evil anyway.
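A per-customer php-fpm pool along the lines the answer above describes, as an added example rather than configuration from the original thread. The pool name, account, directories and web server account (www-data) are hypothetical, and the pool.d path assumes a Debian-style layout.

```ini
; /etc/php/7.0/fpm/pool.d/customer1.conf  (hypothetical file; one pool per customer)
[customer1]
; Workers run as a dedicated unprivileged account, so file ownership and
; mode bits enforced by the OS separate this customer from everyone else.
user = customer1
group = customer1

; Only the web server account (assumed: www-data) may talk to this pool.
listen = /run/php/customer1.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660

; Jail the workers. After chroot, "/" as seen by PHP is this directory,
; so the web server must pass SCRIPT_FILENAME relative to it.
chroot = /srv/customers/customer1
chdir = /htdocs

pm = ondemand
pm.max_children = 5

; Refuse to execute anything that is not a .php file.
security.limit_extensions = .php

; php_admin_* settings cannot be changed by ini_set() or .user.ini.
; Paths below are inside the chroot; /tmp must exist there.
php_admin_value[open_basedir] = /htdocs:/tmp
php_admin_value[upload_tmp_dir] = /tmp
php_admin_value[session.save_path] = /tmp
php_admin_flag[allow_url_include] = off

; Process-spawning functions, appended to any list already set in php.ini.
php_admin_value[disable_functions] = exec,system,passthru,shell_exec,popen,proc_open,pcntl_exec
```

open_basedir also applies to include(), so module code loaded into the same request as the framework can still read every file the framework itself has to include. What this pool does isolate is one customer's PHP process from other customers' files and from the rest of the host.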

I got around safe mode by using open_basedir in /etc/php/7.0/fpm/php.ini.

It's a good thing that safe_mode is being removed. It's a false sense of security, and there have been many ways to bypass it.

A better approach is to use suphp to run your application as a jailed user. This uses the security of the operating system to protect your application. Instead of banning exec() and system(), you run your php code as an account that doesn't have access to a shell. Instead of banning fopen() you remove write privileges from everything owned by that user (chmod 500 -R /). Or go a step further and run your application within a chroot.
