php-src/main/safe_mode.c

/*
   +----------------------------------------------------------------------+
   | PHP version 4.0                                                      |
   +----------------------------------------------------------------------+
   | Copyright (c) 1997, 1998, 1999, 2000 The PHP Group                   |
   +----------------------------------------------------------------------+
   | This source file is subject to version 2.01 of the PHP license,      |
   | that is bundled with this package in the file LICENSE, and is        |
   | available at through the world-wide-web at                           |
   | http://www.php.net/license/2_01.txt.                                 |
   | If you did not receive a copy of the PHP license and are unable to   |
   | obtain it through the world-wide-web, please send a note to          |
   | license@php.net so we can mail you a copy immediately.               |
   +----------------------------------------------------------------------+
   | Authors: Rasmus Lerdorf <rasmus@lerdorf.on.ca>                       |
   +----------------------------------------------------------------------+
 */
/* $Id$ */

#include "php.h"

#include <stdio.h>
#include <stdlib.h>

#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <sys/stat.h>
#include "ext/standard/pageinfo.h"
#include "safe_mode.h"
#include "SAPI.h"

/*
 * php_checkuid
 *
 * This function has four modes:
 * 
 * 0 - return invalid (0) if file does not exist
 * 1 - return valid (1)  if file does not exist
 * 2 - if file does not exist, check directory
 * 3 - only check directory (needed for mkdir)
 */
PHPAPI int php_checkuid(const char *fn, int mode) {
	struct stat sb;
	int ret;
	long uid=0L, duid=0L;
	char *s;

	if (!fn) return(0); /* path must be provided */

	/* 
	 * If given filepath is a URL, allow - safe mode stuff
	 * related to URL's is checked in individual functions
     */	
	if (!strncasecmp(fn,"http://",7) || !strncasecmp(fn,"ftp://",6)) {
		return(1);
	}
		
	if (mode<3) {
		ret = stat(fn,&sb);
		if (ret<0 && mode < 2) {
			php_error(E_WARNING,"Unable to access %s",fn);
			return(mode);
		}
		if (ret>-1) {
			uid=sb.st_uid;
			if (uid==php_getuid()) return(1);
		}
	}
	s = strrchr(fn,'/');

	/* This loop gets rid of trailing slashes which could otherwise be
	 * used to confuse the function.
	 */
	while(s && *(s+1)=='\0' && s>fn) {
		*s='\0';
		s = strrchr(fn,'/');
	}

	if (s) {
		*s='\0';
		ret = stat(fn,&sb);
		*s='/';
		if (ret<0) {
			php_error(E_WARNING, "Unable to access %s",fn);
			return(0);
		}
		duid = sb.st_uid;
	} else {
		s = emalloc(MAXPATHLEN+1);
		if (!PHP_GETCWD(s,MAXPATHLEN)) {
			php_error(E_WARNING, "Unable to access current working directory");
			return(0);
		}
		ret = stat(s,&sb);
		efree(s);
		if (ret<0) {
			php_error(E_WARNING, "Unable to access %s",s);
			return(0);
		}
		duid = sb.st_uid;
	}
	if (duid == (uid=php_getuid())) return(1);
	else {
		php_error(E_WARNING, "SAFE MODE Restriction in effect.  The script whose uid is %ld is not allowed to access %s owned by uid %ld",uid,fn,duid);
		return(0);
	}
}


PHPAPI char *php_get_current_user()
{
	struct passwd *pwd;
	struct stat *pstat;
	SLS_FETCH();

	if (SG(request_info).current_user) {
		return SG(request_info).current_user;
	}

	/* FIXME: I need to have this somehow handled if
	USE_SAPI is defined, because cgi will also be
	interfaced in USE_SAPI */

	pstat = sapi_get_stat();

	if (!pstat) {
		return empty_string;
	}

	if ((pwd=getpwuid(pstat->st_uid))==NULL) {
		return empty_string;
	}
	SG(request_info).current_user_length = strlen(pwd->pw_name);
	SG(request_info).current_user = estrndup(pwd->pw_name, SG(request_info).current_user_length);
	
	return SG(request_info).current_user;		
}
PHP 4.0 1999-04-07 21:05:13 +00:00			`/*`
			`+----------------------------------------------------------------------+`
License update 1999-07-16 13:13:16 +00:00			`\| PHP version 4.0 \|`
PHP 4.0 1999-04-07 21:05:13 +00:00			`+----------------------------------------------------------------------+`
Happy Y2K patch! Happy new year (or the new millennium, depending on whether you start counting at 0 or 1). 2000-01-01 01:32:05 +00:00			`\| Copyright (c) 1997, 1998, 1999, 2000 The PHP Group \|`
PHP 4.0 1999-04-07 21:05:13 +00:00			`+----------------------------------------------------------------------+`
Get the license right... (this won't make it to RC1 of B4) 2000-02-19 23:21:46 +00:00			`\| This source file is subject to version 2.01 of the PHP license, \|`
License update 1999-07-16 13:13:16 +00:00			`\| that is bundled with this package in the file LICENSE, and is \|`
			`\| available at through the world-wide-web at \|`
Get the license right... (this won't make it to RC1 of B4) 2000-02-19 23:21:46 +00:00			`\| http://www.php.net/license/2_01.txt. \|`
License update 1999-07-16 13:13:16 +00:00			`\| If you did not receive a copy of the PHP license and are unable to \|`
			`\| obtain it through the world-wide-web, please send a note to \|`
			`\| license@php.net so we can mail you a copy immediately. \|`
PHP 4.0 1999-04-07 21:05:13 +00:00			`+----------------------------------------------------------------------+`
			`\| Authors: Rasmus Lerdorf <rasmus@lerdorf.on.ca> \|`
			`+----------------------------------------------------------------------+`
			`*/`
			`/* $Id$ */`
Remove tls.[ch] 1999-04-23 20:06:01 +00:00
PHP 4.0 1999-04-07 21:05:13 +00:00			`#include "php.h"`

			`#include <stdio.h>`
			`#include <stdlib.h>`

			`#if HAVE_UNISTD_H`
			`#include <unistd.h>`
			`#endif`
			`#include <sys/stat.h>`
First commit of re-structuring phase one. We have started using automake in sub-directories and started to move extension code into ext/<name>. For now, I have moved the "standard" extension (which is quite a mix of everything right now) and the GD extension into their own subdirs in ext/. The configure script now also runs configure in the libzend directory automatically and makes sure php4 and libzend use the same config.cache file. To avoid running configure in libzend, use the --no-recursion option. "make" in php4 also builds libzend now. The Apache module doesn't compile right now, but a fix for that is coming up. 1999-04-17 00:37:12 +00:00			`#include "ext/standard/pageinfo.h"`
PHP 4.0 1999-04-07 21:05:13 +00:00			`#include "safe_mode.h"`
* Get the Apache module to compile again * Get rid of php3_rqst, use SG(server_context) instead (there's still Apache-specific code, but it nuked a global) 1999-04-26 17:26:37 +00:00			`#include "SAPI.h"`
PHP 4.0 1999-04-07 21:05:13 +00:00
			`/*`
More php3_ annihilation 1999-12-17 19:16:50 +00:00			`* php_checkuid`
PHP 4.0 1999-04-07 21:05:13 +00:00			`*`
			`* This function has four modes:`
			`*`
			`* 0 - return invalid (0) if file does not exist`
			`* 1 - return valid (1) if file does not exist`
			`* 2 - if file does not exist, check directory`
			`* 3 - only check directory (needed for mkdir)`
			`*/`
More php3_ annihilation 1999-12-17 19:16:50 +00:00			`PHPAPI int php_checkuid(const char *fn, int mode) {`
PHP 4.0 1999-04-07 21:05:13 +00:00			`struct stat sb;`
			`int ret;`
			`long uid=0L, duid=0L;`
			`char *s;`

			`if (!fn) return(0); /* path must be provided */`

			`/*`
			`* If given filepath is a URL, allow - safe mode stuff`
			`* related to URL's is checked in individual functions`
			`*/`
			`if (!strncasecmp(fn,"http://",7) \|\| !strncasecmp(fn,"ftp://",6)) {`
			`return(1);`
			`}`

			`if (mode<3) {`
			`ret = stat(fn,&sb);`
			`if (ret<0 && mode < 2) {`
Removed '3' from key functions in PHP (maintained compatibility through php3_compat.h) 1999-08-02 19:17:14 +00:00			`php_error(E_WARNING,"Unable to access %s",fn);`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return(mode);`
			`}`
			`if (ret>-1) {`
			`uid=sb.st_uid;`
More php3_ annihilation 1999-12-17 19:51:39 +00:00			`if (uid==php_getuid()) return(1);`
PHP 4.0 1999-04-07 21:05:13 +00:00			`}`
			`}`
			`s = strrchr(fn,'/');`

			`/* This loop gets rid of trailing slashes which could otherwise be`
			`* used to confuse the function.`
			`*/`
			`while(s && *(s+1)=='\0' && s>fn) {`
# Fix silly typo 2000-01-08 14:36:12 +00:00			`*s='\0';`
PHP 4.0 1999-04-07 21:05:13 +00:00			`s = strrchr(fn,'/');`
			`}`

			`if (s) {`
			`*s='\0';`
			`ret = stat(fn,&sb);`
			`*s='/';`
			`if (ret<0) {`
Removed '3' from key functions in PHP (maintained compatibility through php3_compat.h) 1999-08-02 19:17:14 +00:00			`php_error(E_WARNING, "Unable to access %s",fn);`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return(0);`
			`}`
			`duid = sb.st_uid;`
			`} else {`
			`s = emalloc(MAXPATHLEN+1);`
- Fix another bug in session.c - Start using the new PHP_GETCWD() and co. macros 2000-03-30 22:38:50 +00:00			`if (!PHP_GETCWD(s,MAXPATHLEN)) {`
Removed '3' from key functions in PHP (maintained compatibility through php3_compat.h) 1999-08-02 19:17:14 +00:00			`php_error(E_WARNING, "Unable to access current working directory");`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return(0);`
			`}`
			`ret = stat(s,&sb);`
			`efree(s);`
			`if (ret<0) {`
Removed '3' from key functions in PHP (maintained compatibility through php3_compat.h) 1999-08-02 19:17:14 +00:00			`php_error(E_WARNING, "Unable to access %s",s);`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return(0);`
			`}`
			`duid = sb.st_uid;`
			`}`
More php3_ annihilation 1999-12-17 19:51:39 +00:00			`if (duid == (uid=php_getuid())) return(1);`
PHP 4.0 1999-04-07 21:05:13 +00:00			`else {`
Removed '3' from key functions in PHP (maintained compatibility through php3_compat.h) 1999-08-02 19:17:14 +00:00			`php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld",uid,fn,duid);`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return(0);`
			`}`
			`}`


More php3_ annihilation 1999-12-17 19:16:50 +00:00			`PHPAPI char *php_get_current_user()`
PHP 4.0 1999-04-07 21:05:13 +00:00			`{`
			`struct passwd *pwd;`
More cleanup! 2000-02-10 18:19:04 +00:00			`struct stat *pstat;`
* Get the Apache module to compile again * Get rid of php3_rqst, use SG(server_context) instead (there's still Apache-specific code, but it nuked a global) 1999-04-26 17:26:37 +00:00			`SLS_FETCH();`
PHP 4.0 1999-04-07 21:05:13 +00:00
request_info.c is dead! long live SAPI @- Finished the server abstraction layer; All of the PHP code is now shared @ across different servers (Apache, CGI, IIS, etc.), except for thin @ interface modules (Zeev) 2000-02-10 20:13:08 +00:00			`if (SG(request_info).current_user) {`
			`return SG(request_info).current_user;`
PHP 4.0 1999-04-07 21:05:13 +00:00			`}`

			`/* FIXME: I need to have this somehow handled if`
			`USE_SAPI is defined, because cgi will also be`
			`interfaced in USE_SAPI */`
More cleanup... 2000-02-10 17:26:57 +00:00
More cleanup! 2000-02-10 18:19:04 +00:00			`pstat = sapi_get_stat();`
More cleanup... 2000-02-10 17:26:57 +00:00
More cleanup! 2000-02-10 18:19:04 +00:00			`if (!pstat) {`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return empty_string;`
			`}`

More cleanup! 2000-02-10 18:19:04 +00:00			`if ((pwd=getpwuid(pstat->st_uid))==NULL) {`
PHP 4.0 1999-04-07 21:05:13 +00:00			`return empty_string;`
			`}`
request_info.c is dead! long live SAPI @- Finished the server abstraction layer; All of the PHP code is now shared @ across different servers (Apache, CGI, IIS, etc.), except for thin @ interface modules (Zeev) 2000-02-10 20:13:08 +00:00			`SG(request_info).current_user_length = strlen(pwd->pw_name);`
			`SG(request_info).current_user = estrndup(pwd->pw_name, SG(request_info).current_user_length);`
PHP 4.0 1999-04-07 21:05:13 +00:00
request_info.c is dead! long live SAPI @- Finished the server abstraction layer; All of the PHP code is now shared @ across different servers (Apache, CGI, IIS, etc.), except for thin @ interface modules (Zeev) 2000-02-10 20:13:08 +00:00			`return SG(request_info).current_user;`
PHP 4.0 1999-04-07 21:05:13 +00:00			`}`