Add getmygid() and safe_mode_gid ini directive to allow safe mode to do

rlerdorf · rlerdorf · commit 934e10c7dc79 · 2001-07-09T17:36:04.000Z
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a gid check instead of a uid check. (James E. Flemer, Rasmus)
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
@@ -268,6 +268,7 @@ function_entry basic_functions[] = {
 #endif
 
 	PHP_FE(getmyuid,								NULL)
+	PHP_FE(getmygid,								NULL)
 	PHP_FE(getmypid,								NULL)
 	PHP_FE(getmyinode,								NULL)
 	PHP_FE(getlastmod,								NULL)
@@ -846,6 +847,7 @@ PHP_RINIT_FUNCTION(basic)
 	BG(mmap_file) = NULL;
 #endif
 	BG(page_uid) = -1;
+	BG(page_gid) = -1;
 	BG(page_inode) = -1;
 	BG(page_mtime) = -1;
 #ifdef HAVE_PUTENV
diff --git a/ext/standard/basic_functions.h b/ext/standard/basic_functions.h
@@ -155,6 +155,7 @@ typedef struct {
  
 	/* pageinfo.c */
 	long page_uid;
+	long page_gid;
 	long page_inode;
 	long page_mtime;
 
diff --git a/ext/standard/pageinfo.c b/ext/standard/pageinfo.c
@@ -49,9 +49,10 @@ static void php_statpage(BLS_D)
 
 	pstat = sapi_get_stat();
 
-	if (BG(page_uid)==-1) {
+	if (BG(page_uid)==-1 || BG(page_gid)==-1) {
 		if(pstat) {
 			BG(page_uid)   = pstat->st_uid;
+			BG(page_gid)   = pstat->st_gid;
 			BG(page_inode) = pstat->st_ino;
 			BG(page_mtime) = pstat->st_mtime;
 		} 
@@ -70,6 +71,14 @@ long php_getuid(void)
 }
 /* }}} */
 
+long php_getgid(void)
+{
+	BLS_FETCH();
+
+	php_statpage(BLS_C);
+	return (BG(page_gid));
+}
+
 /* {{{ proto int getmyuid(void)
    Get PHP script owner's UID */
 PHP_FUNCTION(getmyuid)
@@ -85,6 +94,21 @@ PHP_FUNCTION(getmyuid)
 }
 /* }}} */
 
+/* {{{ proto int getmygid(void)
+   Get PHP script owner's GID */
+PHP_FUNCTION(getmygid)
+{
+	long gid;
+	
+	gid = php_getgid();
+	if (gid < 0) {
+		RETURN_FALSE;
+	} else {
+		RETURN_LONG(gid);
+	}
+}
+/* }}} */
+
 /* {{{ proto int getmypid(void)
    Get current process ID */
 PHP_FUNCTION(getmypid)
diff --git a/ext/standard/pageinfo.h b/ext/standard/pageinfo.h
@@ -22,10 +22,12 @@
 #define PAGEINFO_H
 
 PHP_FUNCTION(getmyuid);
+PHP_FUNCTION(getmygid);
 PHP_FUNCTION(getmypid);
 PHP_FUNCTION(getmyinode);
 PHP_FUNCTION(getlastmod);
 
 extern long php_getuid(void);
+extern long php_getgid(void);
 
 #endif
diff --git a/main/main.c b/main/main.c
@@ -213,6 +213,7 @@ PHP_INI_BEGIN()
 	STD_PHP_INI_BOOLEAN("register_argc_argv",	"1",		PHP_INI_ALL,		OnUpdateBool,			register_argc_argv,		php_core_globals,	core_globals)
 	STD_PHP_INI_BOOLEAN("register_globals",		"1",		PHP_INI_ALL,		OnUpdateBool,			register_globals,		php_core_globals,	core_globals)
 	STD_PHP_INI_BOOLEAN("safe_mode",			"0",		PHP_INI_SYSTEM,		OnUpdateBool,			safe_mode,				php_core_globals,	core_globals)
+	STD_PHP_INI_BOOLEAN("safe_mode_gid",			"0",		PHP_INI_SYSTEM,		OnUpdateBool,			safe_mode_gid,				php_core_globals,	core_globals)
 	STD_PHP_INI_BOOLEAN("short_open_tag",DEFAULT_SHORT_OPEN_TAG,	PHP_INI_SYSTEM|PHP_INI_PERDIR,		OnUpdateBool,			short_tags,				zend_compiler_globals,	compiler_globals)
 	STD_PHP_INI_BOOLEAN("sql.safe_mode",		"0",		PHP_INI_SYSTEM,		OnUpdateBool,			sql_safe_mode,			php_core_globals,	core_globals)
 	STD_PHP_INI_BOOLEAN("track_errors",			"0",		PHP_INI_ALL,		OnUpdateBool,			track_errors,			php_core_globals,	core_globals)
diff --git a/main/php_globals.h b/main/php_globals.h
@@ -68,6 +68,7 @@ struct _php_core_globals {
 	zend_bool implicit_flush;
 
 	zend_bool safe_mode;
+	zend_bool safe_mode_gid;
 	zend_bool sql_safe_mode;
 	zend_bool enable_dl;
 
diff --git a/main/safe_mode.c b/main/safe_mode.c
@@ -29,6 +29,7 @@
 #include "ext/standard/pageinfo.h"
 #include "safe_mode.h"
 #include "SAPI.h"
+#include "php_globals.h"
 
 
 /*
@@ -46,7 +47,7 @@ PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode)
 {
 	struct stat sb;
 	int ret;
-	long uid=0L, duid=0L;
+	long uid=0L, gid=0L, duid=0L, dgid=0L;
 	char *s;
 
 	if (!filename) {
@@ -120,6 +121,8 @@ PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode)
 	}
 	if (duid == (uid=php_getuid())) {
 		return 1;
+ 	} else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) {
+ 		return 1;
 	} else {
 		SLS_FETCH();
 
@@ -129,7 +132,11 @@ PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode)
 			}
 		}
 
-		php_error(E_WARNING, "SAFE MODE Restriction in effect.  The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);
+ 		if (PG(safe_mode_gid)) {
+ 			php_error(E_WARNING, "SAFE MODE Restriction in effect.  The script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid %ld/%ld", uid, gid, filename, duid, dgid);
+ 		} else {
+ 			php_error(E_WARNING, "SAFE MODE Restriction in effect.  The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);
+ 		}			
 		return 0;
 	}
 }
diff --git a/php.ini-dist b/php.ini-dist
@@ -111,11 +111,16 @@ allow_call_time_pass_reference = On
 ;
 safe_mode = Off
 
+; By default, Safe Mode does a UID compare check when
+; opening files. If you want to relax this to a GID compare,
+; then turn on safe_mode_gid.
+safe_mode_gid = Off
+
 ; When safe_mode is on, only executables located in the safe_mode_exec_dir
 ; will be allowed to be executed via the exec family of functions.
 safe_mode_exec_dir =
 
-; open_basedir if set limits all file operations to the defined directory
+; open_basedir, if set, limits all file operations to the defined directory
 ; and below.  This directive makes most sense if used in a per-directory
 ; or per-virtualhost web server configuration file.
 ;
diff --git a/php.ini-optimized b/php.ini-optimized
@@ -81,6 +81,10 @@ allow_call_time_pass_reference	= Off	; whether to enable the ability to force ar
 
 ; Safe Mode
 safe_mode		=	Off
+safe_mode_gid	=	Off								; By default, Safe Mode does a UID compare
+													; check when opening files. If you want to
+													; relax this to a GID compare, then turn on
+													; safe_mode_gid.
 safe_mode_exec_dir	=
 safe_mode_allowed_env_vars = PHP_					; Setting certain environment variables
 													; may be a potential security breach.
diff --git a/php.ini-recommended b/php.ini-recommended
@@ -81,6 +81,10 @@ allow_call_time_pass_reference	= Off	; whether to enable the ability to force ar
 
 ; Safe Mode
 safe_mode		=	Off
+safe_mode_gid	=	Off								; By default, Safe Mode does a UID compare
+													; check when opening files. If you want to
+													; relax this to a GID compare, then turn on
+													; safe_mode_gid.
 safe_mode_exec_dir	=
 safe_mode_allowed_env_vars = PHP_					; Setting certain environment variables
 													; may be a potential security breach.

Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,7 @@`
`29`	`29`	`#include "ext/standard/pageinfo.h"`
`30`	`30`	`#include "safe_mode.h"`
`31`	`31`	`#include "SAPI.h"`
	`32`	`+#include "php_globals.h"`
`32`	`33`
`33`	`34`
`34`	`35`	`/*`
`@@ -46,7 +47,7 @@ PHPAPI int php_checkuid(const char filename, char fopen_mode, int mode)`
`46`	`47`	`{`
`47`	`48`	`struct stat sb;`
`48`	`49`	`int ret;`
`49`		`- long uid=0L, duid=0L;`
	`50`	`+ long uid=0L, gid=0L, duid=0L, dgid=0L;`
`50`	`51`	`char *s;`
`51`	`52`
`52`	`53`	`if (!filename) {`
`@@ -120,6 +121,8 @@ PHPAPI int php_checkuid(const char filename, char fopen_mode, int mode)`
`120`	`121`	`}`
`121`	`122`	`if (duid == (uid=php_getuid())) {`
`122`	`123`	`return 1;`
	`124`	`+ } else if (PG(safe_mode_gid) && dgid == (gid=php_getgid())) {`
	`125`	`+ return 1;`
`123`	`126`	`} else {`
`124`	`127`	`SLS_FETCH();`
`125`	`128`
`@@ -129,7 +132,11 @@ PHPAPI int php_checkuid(const char filename, char fopen_mode, int mode)`
`129`	`132`	`}`
`130`	`133`	`}`
`131`	`134`
`132`		`- php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);`
	`135`	`+ if (PG(safe_mode_gid)) {`
	`136`	`+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid %ld/%ld", uid, gid, filename, duid, dgid);`
	`137`	`+ } else {`
	`138`	`+ php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);`
	`139`	`+ }`
`133`	`140`	`return 0;`
`134`	`141`	`}`
`135`	`142`	`}`