diff options
| author | James E. Flemer <jflemer@php.net> | 2001-07-13 18:21:21 +0000 |
|---|---|---|
| committer | James E. Flemer <jflemer@php.net> | 2001-07-13 18:21:21 +0000 |
| commit | 771e3e498fad6adcdc63d03ab97d4ff1f93a3987 (patch) | |
| tree | 7cc1ecaa721adb2f927d947d5b61dae10760a42d /main/php_globals.h | |
| parent | b9325a36a8df9619e4485b166516cff1e9193406 (diff) | |
| download | php-git-771e3e498fad6adcdc63d03ab97d4ff1f93a3987.tar.gz | |
o Fixed Bug #12121: chdir and safe_mode
- [ main/safe_mode.h ] added new checkuid mode:
CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
fails
- [ ext/standard/dir.c ] changed php_checkuid() to use
CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR
- [ main/safe_mode.c ] added code for new checkuid mode
o Fixed Bug #12119: safe mode owner check can be bypassed with symlink
- [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
of symlink before trimming filename
o New Feature: safe_mode_include_dir (php.ini directive)
- Allows bypassing UID/GID checks when including files
from the directory in safe_mode_include_dir and its
subdirectories. (safe_mode must be on, directory must
also be in include_path or full path must be used when
including)
o Fixed Feature: safe_mode_gid (php.ini directive)
- Correctly check (and report) UID/GID bits on directories
o Changed include() fall back to scripts cwd implementation
- CWD added to the (local) search path in php_fopen_with_path()
instead of seperate case. [ main/fopen_wrappers.c ]
Diffstat (limited to 'main/php_globals.h')
| -rw-r--r-- | main/php_globals.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/main/php_globals.h b/main/php_globals.h index f426b9ed89..56de68d7e1 100644 --- a/main/php_globals.h +++ b/main/php_globals.h @@ -68,6 +68,7 @@ struct _php_core_globals { zend_bool implicit_flush; zend_bool safe_mode; + char *safe_mode_include_dir; zend_bool safe_mode_gid; zend_bool sql_safe_mode; zend_bool enable_dl; |