Omega13a's Corner - PHP Manual - Security - Filesystem
Chapter 26. Filesystem Security

PHP is subject to the security built into most server systems with respect to permissions on a file and directory basis. This allows you to control which files in the filesystem may be read. Care should be taken with any files which are world readable to ensure that they are safe for reading by all users who have access to that filesystem.

Since PHP was designed to allow user level access to the filesystem, it's entirely possible to write a PHP script that will allow you to read system files such as /etc/passwd, modify your ethernet connections, send massive printer jobs out, etc. This has some obvious implications, in that you need to ensure that the files that you read from and write to are the appropriate ones.

Consider the following script, where a user indicates that they'd like to delete a file in their home directory. This assumes a situation where a PHP web interface is regularly used for file management, so the Apache user is allowed to delete files in the user home directories.

Example 26_1. Poor variable checking leads to....

<?php
// remove a file from the user's home directory
$username = $_POST['user_submitted_name'];
$userfile = $_POST['user_submitted_filename']; // also taken straight from the form, unchecked
$homedir  = "/home/$username";
$file_to_delete = $userfile;
unlink("$homedir/$file_to_delete");
echo "$file_to_delete has been deleted!";
?>
Since the username comes from a user-submitted form, a user can post a username and file name belonging to someone else and delete that person's files. In this case you would want to use some other form of authentication. Consider what happens if the submitted values are "../etc/" and "passwd". The code would then effectively read:

Example 26_2. ... A filesystem attack

<?php
// removes a file from anywhere on the hard drive that
// the PHP user has access to. If PHP has root access:
$username = "../etc/";
$homedir = "/home/../etc/";
$file_to_delete = "passwd";
unlink("/home/../etc/passwd");
echo "/home/../etc/passwd has been deleted!";
?>
There are two important measures you should take to prevent these issues.

  • Only allow limited permissions to the PHP web user binary.

  • Check all variables which are submitted.

Here is an improved script:

Example 26_3. More secure file name checking

<?php
// removes a file from the hard drive that
// the PHP user has access to.
$username = $_SERVER['REMOTE_USER']; // using an authentication mechanism
$userfile = $_POST['user_submitted_filename'];

$homedir = "/home/$username";

$file_to_delete = basename($userfile); // strip paths
unlink("$homedir/$file_to_delete");

$fp = fopen("/home/logging/filedelete.log", "a"); // log the deletion (append mode)
$logstring = "$username $homedir $file_to_delete\n";
fwrite($fp, $logstring);
fclose($fp);

echo "$file_to_delete has been deleted!";
?>
However, even this is not without its flaws. If your authentication system allows users to create their own logins and a user chooses the login "../etc/", the system is once again exposed. For this reason, you may prefer to write a more customized check:

Example 26_4. More secure file name checking

<?php
$username = $_SERVER['REMOTE_USER']; // using an authentication mechanism
$userfile = $_POST['user_submitted_filename'];
$homedir  = "/home/$username";

// first character must not be '.' or '/', and no '/' may appear anywhere;
// preg_match() replaces the ereg() call used by older PHP versions
if (!preg_match('~^[^./][^/]*$~', $userfile))
    die('bad filename'); // die, do not process

if (!preg_match('~^[^./][^/]*$~', $username))
    die('bad username'); // die, do not process
// etc...
?>

Depending on your operating system, there are a wide variety of files which you should be concerned about, including device entries (/dev/ or COM1), configuration files (/etc/ files and the .ini files), well known file storage areas (/home/, My Documents), etc. For this reason, it's usually easier to create a policy where you forbid everything except for what you explicitly allow.
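As an added example (not part of the PHP manual or of this page), the checks from this chapter combined into one delete handler: an allow-list on both the username and the file name, then a realpath() containment test so that even a symlink inside the home directory cannot redirect the delete outside it. The /home layout, the form field name user_submitted_filename and the helper function names are assumptions.

```php
<?php
// Added example, not from the PHP manual: a hardened version of the delete
// handler in Examples 26_1 to 26_4. Inputs must pass an allow-list check and
// the resolved path must sit inside the user's home before unlink() runs.
// The /home layout and the helper names are assumptions for illustration.

// A plain file name only: no '/', no leading '.' (rules out '.', '..' and
// dot files), conservative character set. Same intent as the ereg() test.
function valid_filename(string $name): bool
{
    return preg_match('/^[A-Za-z0-9_][A-Za-z0-9_.-]{0,254}$/', $name) === 1;
}
// Usernames are checked separately, so a login such as "../etc/" is refused.
function valid_username(string $name): bool
{
    return preg_match('/^[a-z_][a-z0-9_-]{0,31}$/', $name) === 1;
}

// Returns the canonical path to delete, or null if the request is refused.
// $base is the parent of all home directories (assumed /home).
function resolve_user_file(string $base, string $user, string $file): ?string
{
    if (!valid_username($user) || !valid_filename($file)) {
        return null;                        // failed the allow-list
    }
    $homedir = realpath("$base/$user");     // canonical home: no '..', no symlinks
    if ($homedir === false) {
        return null;                        // no such home directory
    }
    $target = realpath("$homedir/$file");   // canonical target, must exist
    // Containment check: a symlink inside the home that points elsewhere
    // resolves outside $homedir and is rejected here.
    if ($target === false || strpos($target, $homedir . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $target;
}
$user = $_SERVER['REMOTE_USER'] ?? '';              // from the auth layer
$file = $_POST['user_submitted_filename'] ?? '';    // from the form
$target = resolve_user_file('/home', $user, $file);
if ($target === null) {
    http_response_code(400);
    die('bad username or filename');                // refuse, do not process
}
error_log("filedelete: user=$user path=$target");  // log before acting
if (!unlink($target)) {
    die('delete failed');
}
echo htmlspecialchars($file, ENT_QUOTES) . ' has been deleted!';
```

Because valid_filename() already rejects "/" and a leading ".", the realpath() containment test is a second, independent line of defence rather than the only one, which is what the "forbid everything except what you explicitly allow" policy above calls for.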

© 2000, 2001, 2002 Trek Archive, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 United Federation of Trek.
Omega's Corner is © 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 omega13a.