From 27e175eef0ccd796d282effdeb7c984e54c51208 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Wed, 8 Mar 2006 14:41:45 +0000 Subject: [PATCH] So long safe_mode mode. Also removed the magic_quotes configure option, no longer relevant since the magic is gone :-). --- Makefile.gcov | 4 +- Makefile.global | 8 ++-- configure.in | 42 +------------------- ext/standard/basic_functions.c | 29 ++++++++++++++ ext/standard/basic_functions.h | 1 + ext/tidy/tidy.c | 1 - ext/zlib/zlib.c | 1 - main/SAPI.c | 71 ++-------------------------------- main/config.w32.h | 2 - main/fopen_wrappers.c | 6 --- main/main.c | 21 +--------- main/php.h | 2 - main/php_globals.h | 6 --- main/php_ini.c | 4 -- main/streams/plain_wrapper.c | 5 --- php.ini-dist | 35 ----------------- php.ini-recommended | 35 ----------------- run-tests.php | 16 -------- server-tests.php | 12 ------ win32/build/config.w32 | 2 +- win32/install.txt | 3 -- win32/php5dll.dsp | 8 ---- win32/php5dllts.dsp | 8 ---- 23 files changed, 42 insertions(+), 280 deletions(-) diff --git a/Makefile.gcov b/Makefile.gcov index 85f93e9db6f16..6d7a558104947 100644 --- a/Makefile.gcov +++ b/Makefile.gcov @@ -13,13 +13,13 @@ lcov-test: all TEST_PHP_EXECUTABLE=$(PHP_EXECUTABLE) \ TEST_PHP_SRCDIR=$(top_srcdir) \ CC="$(CC)" \ - $(PHP_EXECUTABLE) -d 'open_basedir=' -d 'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d 'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)` tests/; \ + $(PHP_EXECUTABLE) -d 'open_basedir=' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d 'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)` tests/; \ elif test ! -z "$(SAPI_CLI_PATH)" && test -x "$(SAPI_CLI_PATH)"; then \ NO_INTERACTION=1 \ TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \ TEST_PHP_SRCDIR=$(top_srcdir) \ CC="$(CC)" \ - $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php $(TESTS); \ + $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php $(TESTS); \ else \ echo "ERROR: Cannot run tests without CLI sapi."; \ fi diff --git a/Makefile.global b/Makefile.global index 93f751a010043..0897ba0572eae 100644 --- a/Makefile.global +++ b/Makefile.global @@ -72,12 +72,12 @@ test: all TEST_PHP_EXECUTABLE=$(PHP_EXECUTABLE) \ TEST_PHP_SRCDIR=$(top_srcdir) \ CC="$(CC)" \ - $(PHP_EXECUTABLE) -d 'open_basedir=' -d 'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d 'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)` tests/; \ + $(PHP_EXECUTABLE) -d 'open_basedir=' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d 'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)` tests/; \ elif test ! -z "$(SAPI_CLI_PATH)" && test -x "$(SAPI_CLI_PATH)"; then \ TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \ TEST_PHP_SRCDIR=$(top_srcdir) \ CC="$(CC)" \ - $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -U $(TESTS); \ + $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -U $(TESTS); \ else \ echo "ERROR: Cannot run tests without CLI sapi."; \ fi @@ -87,7 +87,7 @@ utest: all TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \ TEST_PHP_SRCDIR=$(top_srcdir) \ CC="$(CC)" \ - $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -u $(TESTS); \ + $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -u $(TESTS); \ else \ echo "ERROR: Cannot run tests without CLI sapi."; \ fi @@ -97,7 +97,7 @@ ntest: all TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \ TEST_PHP_SRCDIR=$(top_srcdir) \ CC="$(CC)" \ - $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -N $(TESTS); \ + $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -N $(TESTS); \ else \ echo "ERROR: Cannot run tests without CLI sapi."; \ fi diff --git a/configure.in b/configure.in index f6442aaecbaa0..734185b6f5281 100644 --- a/configure.in +++ b/configure.in @@ -713,37 +713,6 @@ fi test -n "$DEBUG_CFLAGS" && CFLAGS="$CFLAGS $DEBUG_CFLAGS" -PHP_ARG_ENABLE(safe-mode, whether to enable safe mode by default, -[ --enable-safe-mode Enable safe mode by default], no, no) - -if test "$PHP_SAFE_MODE" = "yes"; then - AC_DEFINE(PHP_SAFE_MODE,1,[ ]) -else - AC_DEFINE(PHP_SAFE_MODE,0,[ ]) -fi - -AC_MSG_CHECKING([for safe mode exec dir]) -AC_ARG_WITH(exec-dir, -[ --with-exec-dir[=DIR] Only allow executables in DIR under safe-mode - [/usr/local/php/bin]], -[ - if test "$withval" != "no"; then - if test "$withval" = "yes"; then - AC_DEFINE(PHP_SAFE_MODE_EXEC_DIR,"/usr/local/php/bin", [ ]) - AC_MSG_RESULT([/usr/local/php/bin]) - else - AC_DEFINE_UNQUOTED(PHP_SAFE_MODE_EXEC_DIR,"$withval", [ ]) - AC_MSG_RESULT([$withval]) - fi - else - AC_DEFINE(PHP_SAFE_MODE_EXEC_DIR,"/usr/local/php/bin", [ ]) - AC_MSG_RESULT([/usr/local/php/bin]) - fi -],[ - AC_DEFINE(PHP_SAFE_MODE_EXEC_DIR,"/usr/local/php/bin", [ ]) - AC_MSG_RESULT([/usr/local/php/bin]) -]) - PHP_ARG_ENABLE(sigchild,whether to enable PHP's own SIGCHLD handler, [ --enable-sigchild Enable PHP's own SIGCHLD handler], no, no) @@ -753,15 +722,6 @@ else AC_DEFINE(PHP_SIGCHILD, 0, [ ]) fi -PHP_ARG_ENABLE(magic-quotes,whether to enable magic quotes by default, -[ --enable-magic-quotes Enable magic quotes by default.], no, no) - -if test "$PHP_MAGIC_QUOTES" = "yes"; then - AC_DEFINE(MAGIC_QUOTES, 1, [ ]) -else - AC_DEFINE(MAGIC_QUOTES, 0, [ ]) -fi - PHP_ARG_ENABLE(rpath, whether to enable runpaths, [ --disable-rpath Disable passing additional runtime library search paths], yes, no) @@ -1262,7 +1222,7 @@ PHP_INSTALL_HEADERS([Zend/ TSRM/ include/ main/ main/streams/ regex/]) PHP_ADD_SOURCES(TSRM, TSRM.c tsrm_strtok_r.c tsrm_virtual_cwd.c) PHP_ADD_SOURCES(main, main.c snprintf.c spprintf.c php_sprintf.c \ - safe_mode.c fopen_wrappers.c alloca.c php_scandir.c \ + fopen_wrappers.c alloca.c php_scandir.c \ php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \ strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \ network.c php_open_temporary_file.c php_logos.c \ diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 9681db53c0362..f437130f91896 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1961,6 +1961,35 @@ PHPAPI int _php_error_log(int opt_err, char *message, char *opt, char *headers T return SUCCESS; } +PHPAPI char *php_get_current_user() +{ + struct passwd *pwd; + struct stat *pstat; + TSRMLS_FETCH(); + + if (SG(request_info).current_user) { + return SG(request_info).current_user; + } + + /* FIXME: I need to have this somehow handled if + USE_SAPI is defined, because cgi will also be + interfaced in USE_SAPI */ + + pstat = sapi_get_stat(TSRMLS_C); + + if (!pstat) { + return ""; + } + + if ((pwd=getpwuid(pstat->st_uid))==NULL) { + return ""; + } + SG(request_info).current_user_length = strlen(pwd->pw_name); + SG(request_info).current_user = estrndup(pwd->pw_name, SG(request_info).current_user_length); + + return SG(request_info).current_user; +} + /* {{{ proto mixed call_user_func(string function_name [, mixed parmeter] [, mixed ...]) Call a user function which is the first parameter */ PHP_FUNCTION(call_user_func) diff --git a/ext/standard/basic_functions.h b/ext/standard/basic_functions.h index 07197f7b9b131..76837efbe68bd 100644 --- a/ext/standard/basic_functions.h +++ b/ext/standard/basic_functions.h @@ -134,6 +134,7 @@ PHP_MINIT_FUNCTION(user_filters); PHP_RSHUTDOWN_FUNCTION(user_filters); PHPAPI int _php_error_log(int opt_err, char *message, char *opt, char *headers TSRMLS_DC); +PHPAPI char *php_get_current_user(); #if SIZEOF_INT == 4 /* Most 32-bit and 64-bit systems have 32-bit ints */ diff --git a/ext/tidy/tidy.c b/ext/tidy/tidy.c index 0f68eafa81ad2..2fae9c7ac9859 100644 --- a/ext/tidy/tidy.c +++ b/ext/tidy/tidy.c @@ -29,7 +29,6 @@ #include "php_ini.h" #include "ext/standard/info.h" -#include "safe_mode.h" #include "Zend/zend_exceptions.h" #include "Zend/zend_object_handlers.h" diff --git a/ext/zlib/zlib.c b/ext/zlib/zlib.c index bb4142a368a8c..0baf5e1961eb6 100644 --- a/ext/zlib/zlib.c +++ b/ext/zlib/zlib.c @@ -42,7 +42,6 @@ /* #include */ #endif #include "ext/standard/head.h" -#include "safe_mode.h" #include "ext/standard/php_standard.h" #include "ext/standard/info.h" #include "php_zlib.h" diff --git a/main/SAPI.c b/main/SAPI.c index fa59cf808ca45..85e283f339a6c 100644 --- a/main/SAPI.c +++ b/main/SAPI.c @@ -665,74 +665,9 @@ SAPI_API int sapi_header_op(sapi_header_op_enum op, void *arg TSRMLS_DC) sapi_update_response_code(401 TSRMLS_CC); /* authentication-required */ - if(PG(safe_mode)) -#if (HAVE_PCRE || HAVE_BUNDLED_PCRE) && !defined(COMPILE_DL_PCRE) - { - zval *repl_temp; - char *ptr = colon_offset+1, *result, *newheader; - int ptr_len=0, result_len = 0, newlen = 0; - - /* skip white space */ - while (isspace(*ptr)) { - ptr++; - } - - myuid = php_getuid(); - - ptr_len = strlen(ptr); - MAKE_STD_ZVAL(repl_temp); - Z_TYPE_P(repl_temp) = IS_STRING; - Z_STRVAL_P(repl_temp) = emalloc(32); - Z_STRLEN_P(repl_temp) = sprintf(Z_STRVAL_P(repl_temp), "realm=\"\\1-%ld\"", myuid); - /* Modify quoted realm value */ - result = php_pcre_replace("/realm=\"(.*?)\"/i", 16, - ptr, ptr_len, - repl_temp, - 0, &result_len, -1, NULL TSRMLS_CC); - if(result_len==ptr_len) { - efree(result); - sprintf(Z_STRVAL_P(repl_temp), "realm=\\1-%ld\\2", myuid); - /* modify unquoted realm value */ - result = php_pcre_replace("/realm=([^\\s]+)(.*)/i", 21, - ptr, ptr_len, - repl_temp, - 0, &result_len, -1, NULL TSRMLS_CC); - if(result_len==ptr_len) { - char *lower_temp = estrdup(ptr); - char conv_temp[32]; - int conv_len; - - php_strtolower(lower_temp,strlen(lower_temp)); - /* If there is no realm string at all, append one */ - if(!strstr(lower_temp,"realm")) { - efree(result); - conv_len = sprintf(conv_temp, " realm=\"%ld\"",myuid); - result = emalloc(ptr_len+conv_len+1); - result_len = ptr_len+conv_len; - memcpy(result, ptr, ptr_len); - memcpy(result+ptr_len, conv_temp, conv_len); - *(result+ptr_len+conv_len) = '\0'; - } - efree(lower_temp); - } - } - newlen = sizeof("WWW-Authenticate: ") - 1 + result_len; - newheader = emalloc(newlen+1); - sprintf(newheader,"WWW-Authenticate: %s", result); - efree(header_line); - sapi_header.header = newheader; - sapi_header.header_len = newlen; - efree(result); - efree(Z_STRVAL_P(repl_temp)); - efree(repl_temp); - } -#else - { - myuid = php_getuid(); - efree(header_line); - sapi_header.header_len = spprintf(&sapi_header.header, 0, "WWW-Authenticate: Basic realm=\"%ld\"", myuid); - } -#endif + myuid = php_getuid(); + efree(header_line); + sapi_header.header_len = spprintf(&sapi_header.header, 0, "WWW-Authenticate: Basic realm=\"%ld\"", myuid); } if (sapi_header.header==header_line) { *colon_offset = ':'; diff --git a/main/config.w32.h b/main/config.w32.h index 724a8a1569ae2..6a3a8ca476d46 100644 --- a/main/config.w32.h +++ b/main/config.w32.h @@ -82,8 +82,6 @@ /* PHP Runtime Configuration */ #define FORCE_CGI_REDIRECT 1 #define PHP_URL_FOPEN 1 -#define PHP_SAFE_MODE 0 -#define MAGIC_QUOTES 0 #define USE_CONFIG_FILE 1 #define DEFAULT_SHORT_OPEN_TAG "1" #define ENABLE_PATHINFO_CHECK 1 diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index 4b2c0e8b24a23..67bc0f7c40d6d 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -39,7 +39,6 @@ #include #endif -#include "safe_mode.h" #include "ext/standard/head.h" #include "ext/standard/php_standard.h" #include "zend_compile.h" @@ -332,11 +331,6 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char ** return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } - /* - * files in safe_mode_include_dir (or subdir) are excluded from - * safe mode GID/UID checks - */ - /* Absolute path open */ /* FIXME: Andi - Do we actually need the if()? */ if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path && !*path))) { diff --git a/main/main.c b/main/main.c index 387f84644f468..92d81a6ccfb11 100644 --- a/main/main.c +++ b/main/main.c @@ -324,9 +324,7 @@ static PHP_INI_MH(OnUpdateDefaultMimetype) } /* }}} */ -/* Need to convert to strings and make use of: - * PHP_SAFE_MODE - * +/* * Need to be read from the environment (?): * PHP_AUTO_PREPEND_FILE * PHP_AUTO_APPEND_FILE @@ -335,10 +333,6 @@ static PHP_INI_MH(OnUpdateDefaultMimetype) * PHP_INCLUDE_PATH */ -#ifndef PHP_SAFE_MODE_EXEC_DIR -# define PHP_SAFE_MODE_EXEC_DIR "" -#endif - #if defined(PHP_PROG_SENDMAIL) && !defined(NETWARE) # define DEFAULT_SENDMAIL_PATH PHP_PROG_SENDMAIL " -t -i " #else @@ -380,13 +374,6 @@ PHP_INI_BEGIN() STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_long_arrays", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_long_arrays, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("auto_globals_jit", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, auto_globals_jit, php_core_globals, core_globals) -#if PHP_SAFE_MODE - STD_PHP_INI_BOOLEAN("safe_mode", "1", PHP_INI_SYSTEM, OnUpdateBool, safe_mode, php_core_globals, core_globals) -#else - STD_PHP_INI_BOOLEAN("safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, safe_mode, php_core_globals, core_globals) -#endif - STD_PHP_INI_ENTRY("safe_mode_include_dir", NULL, PHP_INI_SYSTEM, OnUpdateString, safe_mode_include_dir, php_core_globals, core_globals) - STD_PHP_INI_BOOLEAN("safe_mode_gid", "0", PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("short_open_tag", DEFAULT_SHORT_OPEN_TAG, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags, zend_compiler_globals, compiler_globals) STD_PHP_INI_BOOLEAN("sql.safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("track_errors", "0", PHP_INI_ALL, OnUpdateBool, track_errors, php_core_globals, core_globals) @@ -408,7 +395,6 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("include_path", PHP_INCLUDE_PATH, PHP_INI_ALL, OnUpdateStringUnempty, include_path, php_core_globals, core_globals) PHP_INI_ENTRY("max_execution_time", "30", PHP_INI_ALL, OnUpdateTimeout) STD_PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_SYSTEM, OnUpdateString, open_basedir, php_core_globals, core_globals) - STD_PHP_INI_ENTRY("safe_mode_exec_dir", PHP_SAFE_MODE_EXEC_DIR, PHP_INI_SYSTEM, OnUpdateString, safe_mode_exec_dir, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("file_uploads", "1", PHP_INI_SYSTEM, OnUpdateBool, file_uploads, php_core_globals, core_globals) STD_PHP_INI_ENTRY("upload_max_filesize", "2M", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong, upload_max_filesize, php_core_globals, core_globals) @@ -973,11 +959,6 @@ PHP_FUNCTION(set_time_limit) { zval **new_timeout; - if (PG(safe_mode)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot set time limit in safe mode"); - RETURN_FALSE; - } - if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &new_timeout) == FAILURE) { WRONG_PARAM_COUNT; } diff --git a/main/php.h b/main/php.h index a4394337a7972..90e3ad68d35f3 100644 --- a/main/php.h +++ b/main/php.h @@ -189,8 +189,6 @@ typedef zval pval; # endif #endif -#include "safe_mode.h" - #ifndef HAVE_STRERROR char *strerror(int); #endif diff --git a/main/php_globals.h b/main/php_globals.h index 6b03b00da1389..74b6c12f63de5 100644 --- a/main/php_globals.h +++ b/main/php_globals.h @@ -50,15 +50,11 @@ typedef struct _arg_separators { } arg_separators; struct _php_core_globals { - zend_bool safe_mode; - zend_bool allow_call_time_pass_reference; zend_bool implicit_flush; long output_buffering; - char *safe_mode_include_dir; - zend_bool safe_mode_gid; zend_bool sql_safe_mode; zend_bool enable_dl; @@ -67,8 +63,6 @@ struct _php_core_globals { char *unserialize_callback_func; long serialize_precision; - char *safe_mode_exec_dir; - long memory_limit; long max_input_time; diff --git a/main/php_ini.c b/main/php_ini.c index b52ce72ee1e5f..7be9c41ee091c 100644 --- a/main/php_ini.c +++ b/main/php_ini.c @@ -259,7 +259,6 @@ static void pvalue_config_destructor(zval *pvalue) int php_init_config(TSRMLS_D) { char *php_ini_search_path = NULL; - int safe_mode_state; char *open_basedir; int free_ini_search_path = 0; zend_file_handle fh; @@ -282,7 +281,6 @@ int php_init_config(TSRMLS_D) zend_llist_init(&extension_lists.functions, sizeof(zval), (llist_dtor_func_t) ZVAL_DESTRUCTOR, 1); zend_llist_init(&scanned_ini_list, sizeof(char *), (llist_dtor_func_t) free_estring, 1); - safe_mode_state = PG(safe_mode); open_basedir = PG(open_basedir); if (sapi_module.php_ini_path_override) { @@ -415,7 +413,6 @@ int php_init_config(TSRMLS_D) #endif } - PG(safe_mode) = 0; PG(open_basedir) = NULL; memset(&fh, 0, sizeof(fh)); @@ -455,7 +452,6 @@ int php_init_config(TSRMLS_D) efree(php_ini_search_path); } - PG(safe_mode) = safe_mode_state; PG(open_basedir) = open_basedir; if (fh.handle.fp) { diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index a8593c04bfb27..adfb9b4bf1a32 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -1194,11 +1194,6 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char return php_stream_fopen_rel(filename, mode, opened_path, options); } - /* - * files in safe_mode_include_dir (or subdir) are excluded from - * safe mode GID/UID checks - */ - not_relative_path: /* Absolute path open */ diff --git a/php.ini-dist b/php.ini-dist index c3e8f48ffdf6d..d4fd0ff1ff395 100644 --- a/php.ini-dist +++ b/php.ini-dist @@ -162,41 +162,6 @@ serialize_precision = 100 ; reference). allow_call_time_pass_reference = On -; -; Safe Mode -; -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -safe_mode_protected_env_vars = LD_LIBRARY_PATH - ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. This directive is diff --git a/php.ini-recommended b/php.ini-recommended index e0f993a2665be..013e4e05016b6 100644 --- a/php.ini-recommended +++ b/php.ini-recommended @@ -204,41 +204,6 @@ serialize_precision = 100 ; reference). allow_call_time_pass_reference = Off -; -; Safe Mode -; -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -safe_mode_protected_env_vars = LD_LIBRARY_PATH - ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. This directive is diff --git a/run-tests.php b/run-tests.php index d70d14c9fdf87..47e3922f92510 100755 --- a/run-tests.php +++ b/run-tests.php @@ -82,21 +82,6 @@ error_reporting(E_ALL); ini_set('magic_quotes_runtime',0); // this would break tests by modifying EXPECT sections -if (ini_get('safe_mode')) { - echo <<< SAFE_MODE_WARNING - -+-----------------------------------------------------------+ -| ! WARNING ! | -| You are running the test-suite with "safe_mode" ENABLED ! | -| | -| Chances are high that no test will work at all, | -| depending on how you configured "safe_mode" ! | -+-----------------------------------------------------------+ - - -SAFE_MODE_WARNING; -} - $environment = isset($_ENV) ? $_ENV : array(); // Don't ever guess at the PHP executable location. @@ -145,7 +130,6 @@ $ini_overwrites = array( 'output_handler=', 'open_basedir=', - 'safe_mode=0', 'disable_functions=', 'output_buffering=Off', 'error_reporting=8191', diff --git a/server-tests.php b/server-tests.php index 4b06ee51458f4..00055c24bd779 100755 --- a/server-tests.php +++ b/server-tests.php @@ -48,14 +48,6 @@ | with --with-pcre-regex or if you have compiled pcre as a | | shared module load it via php.ini. | +-----------------------------------------------------------+'); -define('SAFE_MODE_WARNING', -'+-----------------------------------------------------------+ -| ! WARNING ! | -| You are running the test-suite with "safe_mode" ENABLED ! | -| | -| Chances are high that no test will work at all, | -| depending on how you configured "safe_mode" ! | -+-----------------------------------------------------------+'); define('TMP_MISSING', '+-----------------------------------------------------------+ | ! ERROR ! | @@ -464,7 +456,6 @@ class testHarness { 'output_handler'=>'', 'zlib.output_compression'=>'Off', 'open_basedir'=>'', - 'safe_mode'=>'0', 'disable_functions'=>'', 'output_buffering'=>'Off', 'error_reporting'=>'4095', @@ -762,9 +753,6 @@ function checkRequirements() { $this->writemsg(PCRE_MISSING_ERROR); exit; } - if (ini_get('safe_mode')) { - $this->writemsg(SAFE_MODE_WARNING); - } } // diff --git a/win32/build/config.w32 b/win32/build/config.w32 index 3993b1e9acf37..2ccb05c86652c 100644 --- a/win32/build/config.w32 +++ b/win32/build/config.w32 @@ -273,7 +273,7 @@ ADD_SOURCES("Zend", "zend_language_parser.c zend_language_scanner.c \ zend_object_handlers.c zend_objects_API.c zend_unicode.c zend_strtol.c \ zend_mm.c zend_default_classes.c zend_execute.c zend_strtod.c"); -ADD_SOURCES("main", "main.c snprintf.c spprintf.c safe_mode.c fopen_wrappers.c \ +ADD_SOURCES("main", "main.c snprintf.c spprintf.c fopen_wrappers.c \ php_scandir.c php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \ strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c network.c \ php_open_temporary_file.c php_logos.c output.c internal_functions.c php_sprintf.c"); diff --git a/win32/install.txt b/win32/install.txt index 470d944e2ad19..c88fc2cf70c21 100644 --- a/win32/install.txt +++ b/win32/install.txt @@ -1575,15 +1575,12 @@ Running PHP as an Apache module Example 5-2. Apache configuration example php_value include_path ".:/usr/local/lib/php" - php_admin_flag safe_mode on php_value include_path ".:/usr/local/lib/php" - php_admin_flag safe_mode on php3_include_path ".:/usr/local/lib/php" - php3_safe_mode on Caution diff --git a/win32/php5dll.dsp b/win32/php5dll.dsp index c83e8d32411be..21486fdfd4960 100644 --- a/win32/php5dll.dsp +++ b/win32/php5dll.dsp @@ -196,10 +196,6 @@ SOURCE=..\main\rfc1867.c # End Source File # Begin Source File -SOURCE=..\main\safe_mode.c -# End Source File -# Begin Source File - SOURCE=..\main\SAPI.c # End Source File # Begin Source File @@ -316,10 +312,6 @@ SOURCE=..\main\rfc1867.h # End Source File # Begin Source File -SOURCE=..\main\safe_mode.h -# End Source File -# Begin Source File - SOURCE=..\main\SAPI.h # End Source File # Begin Source File diff --git a/win32/php5dllts.dsp b/win32/php5dllts.dsp index 527f0c1847b9c..eb8966c99bed6 100644 --- a/win32/php5dllts.dsp +++ b/win32/php5dllts.dsp @@ -237,10 +237,6 @@ SOURCE=..\main\rfc1867.c # End Source File # Begin Source File -SOURCE=..\main\safe_mode.c -# End Source File -# Begin Source File - SOURCE=..\main\SAPI.c # End Source File # Begin Source File @@ -353,10 +349,6 @@ SOURCE=..\main\rfc1867.h # End Source File # Begin Source File -SOURCE=..\main\safe_mode.h -# End Source File -# Begin Source File - SOURCE=..\main\SAPI.h # End Source File # Begin Source File