--- php-4.0.4pl1/FUNCTION_LIST.txt 2001/07/09 15:11:32 1.1 +++ php-4.0.4pl1/FUNCTION_LIST.txt 2001/07/09 15:10:27 @@ -83,6 +83,7 @@ get_current_user getmyuid + getmygid getmypid u getmyinode getlastmod --- php-4.0.4pl1/php.ini-dist 2001/07/09 15:12:08 1.1 +++ php-4.0.4pl1/php.ini-dist 2001/07/09 15:15:27 @@ -90,6 +90,10 @@ ; Safe Mode safe_mode = Off +safe_mode_gid = Off ; By default, Safe Mode does a UID compare + ; check when opening files. If you want to + ; relax this to a GID compare, then turn on + ; safe_mode_gid. safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ ; Setting certain environment variables ; may be a potential security breach. --- php-4.0.4pl1/php.ini-optimized 2001/07/09 15:12:11 1.1 +++ php-4.0.4pl1/php.ini-optimized 2001/07/09 15:15:37 @@ -77,6 +77,10 @@ ; Safe Mode safe_mode = Off +safe_mode_gid = Off ; By default, Safe Mode does a UID compare + ; check when opening files. If you want to + ; relax this to a GID compare, then turn on + ; safe_mode_gid. safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ ; Setting certain environment variables ; may be a potential security breach. --- php-4.0.4pl1/main/main.c 2001/07/08 20:53:18 1.1 +++ php-4.0.4pl1/main/main.c 2001/07/09 00:27:42 
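Review bot: The comment added beside `safe_mode_gid = Off` in php.ini-dist says the UID compare is relaxed "to a GID compare", which reads as if the GID check replaces the UID check. The safe_mode.c hunk of this patch still accepts a UID match first and only then falls back to a GID match. An administrator deciding whether to turn this on should be told that any file group-owned by the script's group then passes the safe-mode ownership check regardless of its owner. I would word it as `; With safe_mode_gid on, a file is also accepted when its GID matches the script's GID, not only when the UIDs match.` The same text is added to php.ini-optimized in the next hunk and needs the same change.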
@@ -228,6 +228,7 @@ STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_ALL, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_globals", "1", PHP_INI_ALL, OnUpdateBool, register_globals, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, safe_mode, php_core_globals, core_globals) + STD_PHP_INI_BOOLEAN("safe_mode_gid", "0", PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("short_open_tag", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags, zend_compiler_globals, compiler_globals) STD_PHP_INI_BOOLEAN("sql.safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("track_errors", "0", PHP_INI_ALL, OnUpdateBool, track_errors, php_core_globals, core_globals) --- php-4.0.4pl1/main/php_globals.h 2001/07/08 20:53:18 1.1 +++ php-4.0.4pl1/main/php_globals.h 2001/07/09 00:17:38 @@ -63,6 +63,7 @@ zend_bool implicit_flush; zend_bool safe_mode; + zend_bool safe_mode_gid; zend_bool sql_safe_mode; zend_bool enable_dl; --- php-4.0.4pl1/main/safe_mode.c 2001/07/09 00:28:46 1.1 +++ php-4.0.4pl1/main/safe_mode.c 2001/07/09 00:38:21 @@ -29,6 +29,7 @@ #include "ext/standard/pageinfo.h" #include "safe_mode.h" #include "SAPI.h" +#include "php_globals.h" /* @@ -46,7 +47,7 @@ { struct stat sb; int ret; - long uid=0L, duid=0L; + long uid=0L, gid=0L, duid=0L, dgid=0L; char *s; if (!filename) { 
@@ -120,8 +121,14 @@ } if (duid == (uid=php_getuid())) { return 1; + } else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) { + return 1; } else { - php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid); + if (PG(safe_mode_gid)) { + php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid %ld/%ld", uid, gid, filename, duid, dgid); + } else { + php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid); + } return 0; } } --- php-4.0.4pl1/ext/standard/basic_functions.c 2001/07/09 00:44:00 1.1 +++ php-4.0.4pl1/ext/standard/basic_functions.c 2001/07/09 00:45:44 @@ -243,6 +243,7 @@ #endif PHP_FE(getmyuid, NULL) + PHP_FE(getmygid, NULL) PHP_FE(getmypid, NULL) PHP_FE(getmyinode, NULL) PHP_FE(getlastmod, NULL) @@ -785,6 +786,7 @@ BG(array_walk_func_name) = NULL; BG(incomplete_class) = NULL; BG(page_uid) = -1; + BG(page_gid) = -1; BG(page_inode) = -1; BG(page_mtime) = -1; #ifdef HAVE_PUTENV --- php-4.0.4pl1/ext/standard/basic_functions.h 2001/07/09 00:43:58 1.1 +++ php-4.0.4pl1/ext/standard/basic_functions.h 2001/07/09 00:45:08 @@ -158,6 +158,7 @@ /* pageinfo.c */ long page_uid; + long page_gid; long page_inode; long page_mtime; --- php-4.0.4pl1/ext/standard/pageinfo.c 2001/07/09 00:39:29 1.1 +++ php-4.0.4pl1/ext/standard/pageinfo.c 2001/07/09 00:46:35 @@ -47,9 +47,10 @@ pstat = sapi_get_stat(); - if (BG(page_uid)==-1) { + if (BG(page_uid)==-1 || BG(page_gid)==-1) { if(pstat) { BG(page_uid) = pstat->st_uid; + BG(page_gid) = pstat->st_gid; BG(page_inode) = pstat->st_ino; BG(page_mtime) = pstat->st_mtime; } 
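Review bot: `dgid` is compared in the new `else if (PG(safe_mode_gid) && dgid == (gid=php_getgid()))` branch, but no hunk on this page ever assigns it. It is only initialised to `0L` in the `@@ -46,7 +47,7 @@` declaration hunk, and the hunk offsets leave no room for an unseen change in between. Unless part of the patch is missing here, the relaxed check never looks at the target file's group: it succeeds exactly when the script's own GID is 0, whichever file is being opened. The value should be loaded where `duid` is taken from the stat result (that code is outside the hunks shown, presumably from `struct stat sb`), e.g. `dgid = sb.st_gid;`. Because `php_getgid()` returns the `-1` sentinel when no stat data was available, it is also worth requiring `gid >= 0` before equality counts as a match; the enclosing function starts and ends outside this hunk.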
@@ -64,6 +65,14 @@ return (BG(page_uid)); } +long php_getgid(void) +{ + BLS_FETCH(); + + php_statpage(BLS_C); + return (BG(page_gid)); +} + /* {{{ proto int getmyuid(void) Get PHP script owner's UID */ PHP_FUNCTION(getmyuid) @@ -75,6 +84,21 @@ RETURN_FALSE; } else { RETURN_LONG(uid); + } +} +/* }}} */ + +/* {{{ proto int getmygid(void) + Get PHP script owner's GID */ +PHP_FUNCTION(getmygid) +{ + long gid; + + gid = php_getgid(); + if (gid < 0) { + RETURN_FALSE; + } else { + RETURN_LONG(gid); } } /* }}} */ --- php-4.0.4pl1/ext/standard/pageinfo.h 2001/07/09 00:39:31 1.1 +++ php-4.0.4pl1/ext/standard/pageinfo.h 2001/07/09 00:42:16 @@ -22,10 +22,12 @@ #define PAGEINFO_H PHP_FUNCTION(getmyuid); +PHP_FUNCTION(getmygid); PHP_FUNCTION(getmypid); PHP_FUNCTION(getmyinode); PHP_FUNCTION(getlastmod); extern long php_getuid(void); +extern long php_getgid(void); #endif
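Review bot: `php_getgid()` is added without a comment, and its failure value matters to the safe-mode caller. It returns `BG(page_gid)`, which is initialised to `-1` in basic_functions.c and only overwritten when `sapi_get_stat()` hands `php_statpage()` a non-NULL stat. I would put `/* GID of the running script's file as cached by php_statpage(); -1 if the SAPI supplied no stat data. */` above the function, so callers treat -1 as "unknown" and not as a group id to compare against. `getmygid()` in the following hunk already maps the negative value to FALSE.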