On Nov 20, 2006, at 9:44 AM, tedd wrote:
At 11:24 AM +0000 11/20/06, Stut wrote:
Ford, Mike wrote:
My preference would be the include, but all of the options you've
been given would do the job one way or another.
Using include for this is potentially dangerous since it will
execute any PHP code contained within the file. Only use include
if you are absolutely sure you trust the content of the files you
are displaying.
To all:
I understand that an include file will be executed "as-is", but how
can someone change one of my includes? On my virtual host, I have
to jump through ftp hoops (i.e., change permissions) to write a
file and that's me knowing the logon and password. How does someone
hack through that?
And if they could hack through that, then nothing is secure
including includes, right? If the evil doer has gone that far, then
why not just run the evil code and be done with it, why screw
around with includes, which may, or may not, be executed?
What am I not getting here?
Also, aren't there any safe methods for using includes?
For example, one could define a variable in an include and then
check if it's defined in the calling code -- if it's defined then
run, if not then exit. That is not fool-proof -- but it should stop
someone from completely replacing your include code with theirs.
I had a similar problem with a shareware Macintosh application I
wrote where I wanted the resources to remain "intact" -- I didn't
want someone changing the resource so that information about
payments would be sent to them instead of me. So, I recorded the
exact size of the resources and the program would only run IF the
resources were exactly that size.
As such, one could check the size of the include and check if it
had been altered. If the size matches the excepted size, then run,
if not then exit. This would stop include-injections for all except
those that are the same size.
Any comments, suggestions, explanations?
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
look at the url_fopen_.. stuff in the manual, and if the user account
the script is running as has write permission to the directory (ie.
if you've got a php script that's creating lock files or log files on
the server then it has write permission) then it's going to be able
to write whatever it wants. ftp accounts are sometimes run under a
different user than the webserver, so you would have to do some
permission juggling in those situations for things that have been
created through the ftp account, but used by the webserver account.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php