Annotation of embedaddon/php/tests/security/open_basedir.inc, revision 1.1.1.1
1.1 misho 1: <?php
2:
3: // This file contains helper functions for testing open_basedir configuration
4: // Care must be taken with where the directories are created because different
5: // SAPIs set the working directory differently. So simply creating a directory
6: // relative to the current working directory like this: mkdir("blah") might
7: // actually create it in several different places depending on the SAPI..!
8: //
9: // Note also that, depending on the version of php being tested, the open_basedir
10: // configuration may or may not be changeable from a script (PHP_INI_SYSTEM).
11: //
12: // For this reason we set the open_basedir to . (current directory) and then
13: // move around to various directories for testing using chdir(). This is NOT
14: // recommended for production use, as . follows every chdir() and so bypasses all semblance of security..!
15: //
16: // Although safe mode has been removed in php 6.0, open_basedir is still valid.
17: // See http://www.php.net/features.safe-mode for more information
18:
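/**
 * Recursively delete a directory tree created by the open_basedir tests.
 *
 * Symbolic links are never followed: a link found inside the tree is removed
 * as a link (without chmod(), which would act on the link's target), and a
 * $directory that is itself a link is refused. This keeps the cleanup from
 * deleting or re-permissioning anything outside the tree it was asked to
 * remove.
 *
 * @param string $directory Path of the directory to remove; one trailing
 *                          slash is ignored.
 * @return bool FALSE when $directory is a symlink, is not a readable
 *              directory, or cannot be opened; TRUE once the tree has been
 *              walked (failures of individual unlink()/rmdir() calls are
 *              reported by PHP warnings only, as before).
 */
function recursive_delete_directory($directory) {
    // Remove any trailing slash first
    if (substr($directory, -1) == '/') {
        $directory = substr($directory, 0, -1);
    }

    // is_dir() follows symlinks, so a link to a directory would pass the
    // check below and have its target emptied. Refuse it explicitly.
    if (is_link($directory)) {
        return FALSE;
    }

    // Make sure the directory is valid and that we can access it
    if (!is_dir($directory) || !is_readable($directory)) {
        return FALSE;
    }

    // opendir() can still fail after the checks above; readdir() must not
    // be called on a failed handle.
    $handle = opendir($directory);
    if ($handle === FALSE) {
        return FALSE;
    }

    // Scan through the directory contents
    while (FALSE !== ($item = readdir($handle))) {
        if ($item == '.' || $item == '..') {
            continue;
        }

        $path = $directory.'/'.$item;

        if (is_link($path)) {
            // Remove the link itself; do not chmod or descend into its target.
            unlink($path);
        } elseif (is_dir($path)) {
            recursive_delete_directory($path);
        } else {
            // Best effort: make the file writable so unlink() can succeed.
            @chmod($path, 0777);
            unlink($path);
        }
    }

    closedir($handle);
    @chmod($directory, 0777);
    rmdir($directory);

    return TRUE;
}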
59:
/**
 * Build the fixture tree used by the open_basedir tests under the current
 * working directory: test/, test/ok/ and test/bad/, each of the two
 * sub-directories holding one small text file.
 *
 * Any previous fixture tree is removed first. The result of every mkdir()
 * is dumped so that it becomes part of the test output.
 */
function create_directories() {
    delete_directories();
    $base = getcwd();

    // Directories, parent first so each mkdir() has an existing parent.
    foreach (array("/test", "/test/ok", "/test/bad") as $suffix) {
        var_dump(mkdir($base.$suffix));
    }

    // One file in the "ok" directory and one in the "bad" directory.
    foreach (array("/test/ok/ok.txt", "/test/bad/bad.txt") as $suffix) {
        file_put_contents($base.$suffix, "Hello World!");
    }
}
70:
/**
 * Remove the test/ fixture tree that sits under the current working
 * directory, if there is one.
 */
function delete_directories() {
    recursive_delete_directory(getcwd()."/test");
}
75:
/**
 * Call $function with a fixed series of paths that point at test/bad, at
 * parent directories or at the filesystem root, and dump each result.
 *
 * The relative paths are presumably meant to be evaluated from test/ok (the
 * directory test_open_basedir_before() changes into), where all of them lead
 * outside the current directory -- TODO confirm against the calling tests.
 *
 * @param callable $function Function under test; it is called with a single
 *                           path argument.
 */
function test_open_basedir_error($function) {
    global $savedDirectory;

    // Relative escapes: sibling directory, parents, and the root.
    $relative = array("../bad", "../bad/bad.txt", "..", "../", "/", "../bad/.");
    foreach ($relative as $path) {
        var_dump($function($path));
    }

    // Absolute paths into test/bad, built from the directory saved by
    // test_open_basedir_before(); the second one contains a ".." segment.
    $base = $savedDirectory;
    foreach (array("/test/bad/bad.txt", "/test/bad/../bad/bad.txt") as $suffix) {
        var_dump($function($base.$suffix));
    }
}
88:
/**
 * Prepare a test run: print the banner, remember the starting directory in
 * the global $savedDirectory, create the fixture tree and, unless told
 * otherwise, change into test/ok.
 *
 * @param string $function Name of the function under test (used in the banner).
 * @param bool   $change   When true (the default), chdir() into test/ok
 *                         after the fixtures have been created.
 */
function test_open_basedir_before($function, $change = TRUE) {
    global $savedDirectory;

    echo "*** Testing open_basedir configuration [$function] ***\n";

    $start = getcwd();
    $savedDirectory = $start;
    var_dump(chdir($start));
    create_directories();

    // Optionally stay in the starting directory
    if (!$change) {
        return;
    }

    var_dump(chdir($start."/test/ok"));
}
102:
/**
 * Print the closing banner for a test run.
 *
 * Nothing is deleted here: the fixture directories are to be removed by the
 * test's --CLEAN-- section.
 *
 * @param string $function Name of the function under test (used in the banner).
 */
function test_open_basedir_after($function) {
    print "*** Finished testing open_basedir configuration [$function] ***\n";
}
107:
/**
 * Full open_basedir run for functions that return an array on success.
 *
 * After the shared set-up and the test_open_basedir_error() calls, $function
 * is called with a second series of paths around test/ok and only
 * is_array() of each result is dumped, so the array contents never reach
 * the test output.
 *
 * @param string $function Name of the function under test.
 */
function test_open_basedir_array($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    // Relative paths, evaluated from the directory chosen during set-up.
    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $path) {
        var_dump(is_array($function($path)));
    }

    // Absolute paths to ok.txt, the second one with a ".." segment.
    $base = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump(is_array($function($base.$suffix)));
    }

    test_open_basedir_after($function);
}
123:
/**
 * Full open_basedir run for a function whose return value can be dumped
 * directly.
 *
 * Runs the shared set-up and the test_open_basedir_error() calls, then calls
 * $function with a second series of paths around test/ok and dumps each
 * result.
 *
 * @param string $function Name of the function under test.
 */
function test_open_basedir($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    // Relative paths, evaluated from the directory chosen during set-up.
    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $path) {
        var_dump($function($path));
    }

    // Absolute paths to ok.txt, the second one with a ".." segment.
    $base = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump($function($base.$suffix));
    }

    test_open_basedir_after($function);
}
137:
138: ?>
139: