summaryrefslogtreecommitdiff
path: root/main/safe_mode.c
Commit message (Collapse)AuthorAgeFilesLines
* MFH Fix for Bug #21310Wez Furlong2003-03-171-0/+5
|
* MFHIlia Alshanetsky2003-01-091-4/+4
|
* MFHSara Golemon2003-01-091-10/+22
|
* MFH: Bump year.Sebastian Bergmann2002-12-311-1/+1
|
* Instead of checking whether realpath exists based on OS. Use theIlia Alshanetsky2002-11-061-4/+0
| | | | | | HAVE_REALPATH define, which is set if realpath() is avaliable. This patch also resolves bug #18868.
* Add some more BeOS support.David Reid2002-10-021-0/+3
|
* use php_error_docref()Marcus Boerger2002-08-251-5/+5
|
* Enhance Ilia's recent patch to query the wrapper subsystem to determineWez Furlong2002-08-161-2/+3
| | | | | if a filename is a URL and thus if safe-mode checks should be skipped.
* Make https:// be exempt from safe_mode checks, just like http:// & ftp:// are.Ilia Alshanetsky2002-08-161-1/+1
|
* Accoding to safe_mode.h, php_checkuid() has six modes.Yasuo Ohgaki2002-07-171-1/+3
|
* Fix bug: #18285, php_checkuid() mangled the passed path.foobar2002-07-131-3/+6
|
* SAFE_MODE restriction error message fixed if the file doesn't existStefan Esser2002-03-171-1/+9
|
* fixed a typo within checkuidStefan Esser2002-03-141-2/+2
|
* (php_checkuid) Added case for root directory when mode isJames E. Flemer2002-03-031-1/+4
| | | | | not CHECKUID_ALLOW_ONLY_DIR.
* (php_checkuid) Added case for root directory when mode isJames E. Flemer2002-03-031-1/+5
| | | | | CHECKUID_ALLOW_ONLY_DIR.
* Maintain headers.Sebastian Bergmann2002-02-281-1/+1
|
* Update headers.Sebastian Bergmann2001-12-111-2/+2
|
* - Don't wrap lines... this is annoying while coding.Derick Rethans2001-09-091-2/+2
|
* - TSRMLS_FETCH workZeev Suraski2001-08-051-3/+3
| | | | | - whitespace fixes
* More TSRMLS_FETCH work. Got it under 400 now.Zeev Suraski2001-07-311-1/+1
|
* Redesigned thread safety mechanism - nua nuaZeev Suraski2001-07-281-3/+3
|
* Fix a couple of build warningsRasmus Lerdorf2001-07-161-1/+1
|
* o Fixed Bug #12121: chdir and safe_modeJames E. Flemer2001-07-131-42/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - [ main/safe_mode.h ] added new checkuid mode: CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check fails - [ ext/standard/dir.c ] changed php_checkuid() to use CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR - [ main/safe_mode.c ] added code for new checkuid mode o Fixed Bug #12119: safe mode owner check can be bypassed with symlink - [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination of symlink before trimming filename o New Feature: safe_mode_include_dir (php.ini directive) - Allows bypassing UID/GID checks when including files from the directory in safe_mode_include_dir and its subdirectories. (safe_mode must be on, directory must also be in include_path or full path must be used when including) o Fixed Feature: safe_mode_gid (php.ini directive) - Correctly check (and report) UID/GID bits on directories o Changed include() fall back to scripts cwd implementation - CWD added to the (local) search path in php_fopen_with_path() instead of seperate case. [ main/fopen_wrappers.c ]
* Fix Windows build (I think)Rasmus Lerdorf2001-07-091-0/+1
|
* Add getmygid() and safe_mode_gid ini directive to allow safe mode to doRasmus Lerdorf2001-07-091-2/+9
| | | | | | | a gid check instead of a uid check. @ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do @ a gid check instead of a uid check. (James E. Flemer, Rasmus)
* Fix folding and clean up some extensionsRasmus Lerdorf2001-06-061-1/+2
|
* vim-6 does folding - clean up a bunch of missing folding tags plusRasmus Lerdorf2001-06-051-0/+8
| | | | | some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
* - Change macros from V_ to VCWD_ because of AIX name clashAndi Gutmans2001-04-301-4/+4
|
* - Fix copyright notices with 2001Andi Gutmans2001-02-261-1/+1
|
* - Fix warningAndi Gutmans2001-02-121-1/+1
| | | | | | | | PR: Submitted by: Reviewed by: Obtained from:
* @- Allow access to uploaded files in safe_mode. Beware that you can onlyThies C. Arntzen2001-01-091-0/+8
| | | | | | @ read the file. If you copy it to new location the copy will not have the @ right UID and you script won't be able to access that copy. (Thies)
* - Make all places use MAXPATHLEN in the same way. It includes theAndi Gutmans2000-12-161-1/+1
| | | | | terminating NULL.
* - Define the different possible modes for readibility and use in the restAndi Gutmans2000-11-011-34/+44
| | | | | - of PHP
* - In function declerations the opening { should be on a new lineAndi Gutmans2000-11-011-1/+2
|
* - I wrote a long msg but the commit didn't go through.Zeev Suraski2000-06-251-1/+9
| | | | | | | | | | - So here is the short version: - a) Start moving to binary opens in Windows - b) Give checkuid_mode() a small face lift including the fopen-wrappers.c - The mode to this function should at least be a #define but that is for - another day. Anyway this whole stuff should be given more face lifts in - the future.
* Update the license with the new clause 6Zeev Suraski2000-05-181-2/+2
|
* - Add missing V_STAT()Andi Gutmans2000-04-201-3/+3
|
* - Change PHP_ to V_ (directory & file functions)Andi Gutmans2000-04-151-1/+1
|
* - Fix another bug in session.cAndi Gutmans2000-03-301-1/+1
| | | | | - Start using the new PHP_GETCWD() and co. macros
* Get the license right... (this won't make it to RC1 of B4)Zeev Suraski2000-02-191-2/+2
|
* request_info.c is dead! long live SAPIZeev Suraski2000-02-101-5/+5
| | | | | | | @- Finished the server abstraction layer; All of the PHP code is now shared @ across different servers (Apache, CGI, IIS, etc.), except for thin @ interface modules (Zeev)
* More cleanup!Zeev Suraski2000-02-101-4/+4
|
* More cleanup...Zeev Suraski2000-02-101-10/+4
|
* # Fix silly typoRasmus Lerdorf2000-01-081-1/+1
|
* Happy Y2K patch! Happy new year (or the new millennium, depending on whetherSascha Schumann2000-01-011-1/+1
| | | | | you start counting at 0 or 1).
* More php3_ annihilationZeev Suraski1999-12-171-2/+2
|
* More php3_ annihilationZeev Suraski1999-12-171-3/+3
|
* Removed '3' from key functions in PHP (maintained compatibility throughZeev Suraski1999-08-021-5/+5
| | | | | php3_compat.h)
* License updateZeev Suraski1999-07-161-20/+9
|
* * Get rid of another request_info element (filename)Zeev Suraski1999-06-261-1/+1
| | | | | * CGI through Apache should work now
View Lorry Controller Status