Open Source and information security mailing list archives
Date: Thu, 17 Jul 2003 10:08:08 +0200
From: Michal Krause <michal@...use.cz>
To: bugtraq@...urityfocus.com
Subject: Re: PHP safe mode broken?


On 16/07/2003, Michal Krause wrote:

> Hi,
> 
> I think there is a bug in PHP safe mode handling from version 4.3.0
> till now.

I forgot to provide straightforward information on how to fix this bug
until there is an official patch. I hope it was clear from my previous
email, but if not, here is one of the possible solutions:

Find the function php_check_safe_mode_include_dir in the file
main/fopen_wrappers.c and change its last statement from

return 0;

to 

return -1;

(you can find it at line 253 in PHP version 4.3.2).

Then recompile PHP, install it and restart the web server.


To test it, create a simple PHP script owned by some regular user, which
will try to include /etc/passwd, for example.

<?php
// With safe mode enabled, this include should be refused.
echo("trying to read /etc/passwd");
include("/etc/passwd");
?>

This script should fail with a safe mode error (when safe mode is
enabled, of course).

Best regards
Michal Krause

