path: root/tests/security/open_basedir.inc
<?php

// This file contains helper functions for testing open_basedir configuration
// Care must be taken with where the directories are created because different
// SAPIs set the working directory differently. So simply creating a directory
// relative to the current working directory like this: mkdir("blah") might
// actually create it in several different places depending on the SAPI..!
//
// Note also that, depending on the version of PHP being tested, the
// open_basedir configuration may or may not be changeable from a script
// (PHP_INI_SYSTEM).
//
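// For this reason we set open_basedir to . (current directory) and then
// move around to various directories for testing using chdir(). This is NOT
// recommended for production use: . is resolved against the script's current
// working directory, so any code that can call chdir() can move the permitted
// tree, which bypasses all semblance of security..!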
//
// Although safe mode has been removed in php 6.0, open_basedir is still valid.
//      See http://www.php.net/features.safe-mode for more information

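/**
 * Recursively removes a directory tree created by the open_basedir tests.
 *
 * Symbolic links found inside the tree are removed as links: they are never
 * followed and never chmod()ed, so a link whose target lies outside the
 * fixture tree cannot cause files elsewhere to be re-permissioned or deleted.
 *
 * @param string $directory Path of the directory to remove; one trailing "/" is ignored.
 * @return bool FALSE when $directory is not a readable directory or cannot be
 *              opened, TRUE once the tree has been walked. Failures of the
 *              individual unlink()/rmdir() calls are not reflected in the result.
 */
function recursive_delete_directory($directory) {

    // Remove any trailing slash first
    if (substr($directory, -1) == '/') {
        $directory = substr($directory, 0, -1);
    }

    // Make sure the directory is valid
    if (is_dir($directory) == FALSE) {
        return FALSE;
    }

    // Check we can access the directory
    if (is_readable($directory) == FALSE) {
        return FALSE;
    }

    // opendir() can still fail after the checks above (e.g. the directory was
    // removed in between); bail out rather than passing FALSE to readdir().
    $handle = opendir($directory);
    if ($handle === FALSE) {
        return FALSE;
    }

    // Scan through the directory contents
    while (FALSE !== ($item = readdir($handle))) {
        if ($item === '.' || $item === '..') {
            continue;
        }

        $path = ($directory.'/'.$item);

        if (is_link($path)) {
            // is_dir() and chmod() both follow symlinks, so handle links
            // before anything else and delete only the link itself.
            if (DIRECTORY_SEPARATOR === '\\' && is_dir($path)) {
                // On Windows a symlink to a directory is removed with rmdir()
                rmdir($path);
            } else {
                unlink($path);
            }
        } elseif (is_dir($path) == TRUE) {
            recursive_delete_directory($path);
        } else {
            // Best effort: make the file writable so unlink() can succeed
            @chmod($path, 0777);
            unlink($path);
        }
    }

    closedir($handle);
    @chmod($directory, 0777);
    rmdir($directory);

    return TRUE;
}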

/**
 * Builds the fixture tree used by the open_basedir tests under the current
 * working directory: test/, test/ok/ and test/bad/, with one text file in
 * each of the two leaf directories.
 *
 * Any previous test/ tree is removed first. The result of every mkdir() is
 * var_dump()ed, so it becomes part of the test's output.
 */
function create_directories() {
    delete_directories();
    $base = getcwd();

    // Parent first, then the two sibling directories
    foreach (array("/test", "/test/ok", "/test/bad") as $suffix) {
        var_dump(mkdir($base.$suffix));
    }

    $contents = "Hello World!";
    file_put_contents($base."/test/ok/ok.txt", $contents);
    file_put_contents($base."/test/bad/bad.txt", $contents);
}

/**
 * Removes the test/ fixture tree located in the current working directory.
 *
 * The path is derived from getcwd(), so the caller must be in the directory
 * where the tree was created.
 */
function delete_directories() {
    $fixtureRoot = getcwd();
    $fixtureRoot .= "/test";
    recursive_delete_directory($fixtureRoot);
}

/**
 * Calls $function on a fixed series of paths that point at the parent
 * directory, the filesystem root, or the test/bad fixture, and var_dump()s
 * each result.
 *
 * The last two paths are absolute and are built from the global
 * $savedDirectory, which test_open_basedir_before() sets.
 *
 * @param callable $function Function under test; called with one path argument.
 */
function test_open_basedir_error($function) {
    global $savedDirectory;

    // Relative probes, in the order the expected test output lists them
    $relativeProbes = array(
        "../bad",
        "../bad/bad.txt",
        "..",
        "../",
        "/",
        "../bad/.",
    );
    foreach ($relativeProbes as $probe) {
        var_dump($function($probe));
    }

    // Absolute probes, with and without a ".." segment in the middle
    $root = $savedDirectory;
    foreach (array("/test/bad/bad.txt", "/test/bad/../bad/bad.txt") as $suffix) {
        var_dump($function($root.$suffix));
    }
}

/**
 * Prepares a test run: prints a banner, records the current working
 * directory in the global $savedDirectory, recreates the fixture tree and,
 * unless told otherwise, changes into test/ok.
 *
 * The result of each chdir() is var_dump()ed as part of the test output.
 *
 * @param string $function Name of the function under test, used in the banner.
 * @param bool   $change   When truthy (the default), chdir() into test/ok afterwards.
 */
function test_open_basedir_before($function, $change = TRUE) {
    global $savedDirectory;
    echo "*** Testing open_basedir configuration [$function] ***\n";

    // Remember the starting directory so later absolute paths can be built from it
    $savedDirectory = getcwd();
    $start = $savedDirectory;
    var_dump(chdir($start));
    create_directories();

    // Optionally change directory
    if ($change) {
        $target = $start."/test/ok";
        var_dump(chdir($target));
    }
}

// Delete directories using a --CLEAN-- section!
/**
 * Prints the closing banner for a test run. It performs no cleanup itself.
 *
 * @param string $function Name of the function under test, used in the banner.
 */
function test_open_basedir_after($function) {
    print "*** Finished testing open_basedir configuration [$function] ***\n";
}

// This is used by functions that return an array on success
/**
 * Full test sequence for a function that returns an array on success.
 *
 * Runs the setup, then the error-path probes, then calls $function on a
 * further set of paths and var_dump()s whether each result is an array,
 * and finally prints the closing banner.
 *
 * @param string $function Name of the function under test; called with one path argument.
 */
function test_open_basedir_array($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    // Relative probes, evaluated from the directory the setup step left us in
    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $probe) {
        $result = $function($probe);
        var_dump(is_array($result));
    }

    // Absolute probes built from the directory recorded during setup
    $root = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        $result = $function($root.$suffix);
        var_dump(is_array($result));
    }

    test_open_basedir_after($function);
}

/**
 * Full test sequence for a function whose raw return value is dumped.
 *
 * Runs the setup, then the error-path probes, then calls $function on a
 * further set of paths and var_dump()s each result, and finally prints the
 * closing banner.
 *
 * @param string $function Name of the function under test; called with one path argument.
 */
function test_open_basedir($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    // Relative probes, evaluated from the directory the setup step left us in
    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $probe) {
        var_dump($function($probe));
    }

    // Absolute probes built from the directory recorded during setup
    $root = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump($function($root.$suffix));
    }

    test_open_basedir_after($function);
}

?>