Re: Isolated Execution Environment in PHP? (a la Safe module in Perl)

On Wed, 2005-01-26 at 12:41 -0800, Richard Lynch wrote:
> Eric Dorland wrote:
> > We've created our own CMS in PHP and we'd like to allow our users to do
> > more sophisticated things, like embed their own PHP code in pages. We
> > already run in safe-mode with our code, but we would like to run their
> > code in an even more restricted environment than our own code (i.e.,
> > disable some more functions, etc). Something similar to Perl's Safe
> > module
> > (http://www.cs.usask.ca/resources/documentation/perl/Safe.pm.html). Is
> > this at all possible in PHP? Can you turn on more safe mode restrictions
> > on certain bits of code?
> 
> A crude start might be to use http://php.net/exec to start ANOTHER php
> process with a different php.ini which is more restrictive.

I had thought of this, but performance-wise and elegance-wise it doesn't
seem like a good solution. We may just run another webserver where we
can put the untrusted code and just websuck it and pour it into our
pages. I was just hoping for a cleaner solution.

> The problem there, though, is that you can only rule out "bad" functions
> (black-list) instead of listing all "good" functions (white list) in
> php.ini, so you'd have to come up with an exhaustive list of things you
> think are "bad" which will change with every release and is generally
> considered the wrong way to go about security...
>
> You may be better off, then, by writing something not unlike (or just
> plain using) Smarty or some other templating language, where you let them
> make up the templates, and only allow some simple pre-defined substitution
> of variables you pre-define or something...

This is indeed what we do now (well not with Smarty). It's more that
there's pressure to allow people to develop their own applications
within the system.

-- 
Eric Dorland
eric.dorland@xxxxxxxxx
WCG
514.398-5023 ext. 09562

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
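
The approach discussed in this message (a second PHP process with stricter settings than the parent), as an added example that is not part of the original thread. It assumes a PHP 7.4+ CLI binary; `run_restricted`, `DENY_LIST` and the limits are hypothetical names and values chosen for illustration.

```php
<?php
// Added example (PHP 7.4+ CLI for array-form proc_open); names are hypothetical.
// DENY_LIST is illustrative and incomplete: it must be re-reviewed on every PHP release.
const DENY_LIST = 'exec,system,passthru,shell_exec,popen,proc_open,mail,putenv,dl';

function run_restricted(string $code, string $jailDir, int $timeoutSec = 5): array
{
    $cmd = [PHP_BINARY,
        '-n',                                    // ignore the parent's php.ini
        '-d', 'disable_functions=' . DENY_LIST,
        '-d', 'open_basedir=' . $jailDir,        // file access confined to the jail directory
        '-d', 'allow_url_fopen=0',
        '-d', 'memory_limit=32M',
        '-d', 'display_errors=stderr',
    ];
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    // Minimal environment so the child inherits none of the parent's variables.
    $proc = proc_open($cmd, $spec, $pipes, $jailDir, ['PATH' => '/usr/bin:/bin']);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start restricted PHP process');
    }
    fwrite($pipes[0], $code);   // with no script argument, the CLI reads the script from stdin
    fclose($pipes[0]);
    stream_set_blocking($pipes[1], false);
    stream_set_blocking($pipes[2], false);
    $out = $err = '';
    $timedOut = false;
    $deadline = microtime(true) + $timeoutSec;   // wall-clock limit enforced by the parent
    do {
        usleep(20000);
        $out .= stream_get_contents($pipes[1]);
        $err .= stream_get_contents($pipes[2]);
        $running = proc_get_status($proc)['running'];
        if ($running && microtime(true) > $deadline) {
            proc_terminate($proc, 9);            // SIGKILL a runaway child
            $timedOut = true;
            break;
        }
    } while ($running);
    $out .= stream_get_contents($pipes[1]);
    $err .= stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    proc_close($proc);
    return ['stdout' => $out, 'stderr' => $err, 'timed_out' => $timedOut];
}

// Constructed sample input: one permitted call followed by one call on the deny list.
$jail = sys_get_temp_dir() . '/untrusted_jail';
if (!is_dir($jail)) { mkdir($jail, 0700); }
print_r(run_restricted('<?php echo strtoupper("ok"), "\n"; system("id");', $jail));
```

As the quoted reply points out, `disable_functions` remains a deny list, so this narrows what the child can do rather than defining what it may do.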

