protected_vars = estrndup(new_value, new_value_length);
zend_hash_clean(&BG(protected_env_vars));
- while (protected_var=strtok(protected_vars, ",")) {
+ protected_var=strtok(protected_vars, ", ");
+ while (protected_var) {
zend_hash_update(&BG(protected_env_vars), protected_var, strlen(protected_var), &dummy, sizeof(int), NULL);
+ protected_var=strtok(NULL, ", ");
}
efree(protected_vars);
return SUCCESS;
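Review bot: The rewritten loop still tokenises with strtok(), which keeps its position in hidden static state, so in a thread-safe build another thread calling strtok() between the first call and the `strtok(NULL, ", ")` in the loop body could cut the list short. A truncated list silently leaves variables unprotected, so a reentrant form is safer: `protected_var = strtok_r(protected_vars, ", ", &saveptr);` and `protected_var = strtok_r(NULL, ", ", &saveptr);` with a local `char *saveptr;` (or the project's own reentrant wrapper, if it has one). The delimiter set covers only comma and space, so a tab in the ini value would stay attached to a name, which would then never match at lookup time. The enclosing handler starts and ends outside the hunk.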
pe.key_len = strlen(pe.key);
pe.key = estrndup(pe.key,pe.key_len);
+ if (PG(safe_mode)
+ && zend_hash_exists(&BG(protected_env_vars), pe.key, pe.key_len)) {
+ php_error(E_WARNING, "Safe Mode: Cannot override protected environment variable '%s'", pe.key);
+ efree(pe.putenv_string);
+ efree(pe.key);
+ RETURN_FALSE;
+ }
+
zend_hash_del(&BG(putenv_ht),pe.key,pe.key_len+1);
/* find previous value */
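Review bot: The added `zend_hash_exists(&BG(protected_env_vars), pe.key, pe.key_len)` test is a byte-exact, case-sensitive comparison, so on a platform where environment variable names are case-insensitive a differently cased spelling of a protected name would not be recognised as protected. If this code is built for such platforms, the name should be normalised to one case both when the list is stored and before this lookup. It would also help to add a comment such as `/* protected_env_vars keys are stored without the trailing NUL; putenv_ht uses key_len+1 */`, since the two tables in this function use different key-length conventions. The function body begins and continues outside the hunk.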
; Safe Mode
safe_mode = Off
safe_mode_exec_dir =
+safe_mode_protected_env_vars = LD_LIBRARY_PATH ; In Safe Mode, setting certain environment
+ ; variables may be a potential security
+ ; breach. This directive contains
+ ; a comma delimited list of environment
+ ; variables, that the end user won't be
+ ; able to override using putenv()
; Colors for Syntax Highlighting mode. Anything that's acceptable in <font color=???> would work.
highlight.string = #DD0000
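Review bot: The shipped default protects only LD_LIBRARY_PATH, and a deny-list like this covers nothing the administrator did not think to name. Other variables that influence the dynamic loader or the behaviour of child processes stay settable through putenv() in safe mode. Consider saying so in this comment, or complementing the directive with an allow-list of permitted names or prefixes. The comment also says "comma delimited" while the parser in this change splits on spaces too; `; a comma (or space) delimited list of environment` would match the behaviour.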