Home »
Imported messages »
comp.lang.php »
Sandbox
Re: Sandbox [message #182078 is a reply to message #182077] |
Fri, 05 July 2013 16:24 |
J.O. Aho
Messages: 194 Registered: September 2010
Karma:
|
Senior Member |
|
|
On 05/07/13 14:25, Jerry Stuckle wrote:
> On 7/5/2013 7:38 AM, sanjayrathod273(at)gmail(dot)com wrote:
>> HEy guys Help me
>>
>> I want to use sandbox for my site's security. below is the link of
>> method which i want to use http://php.net/manual/en/runkit.sandbox.php.
>>
>> but when i am run the code of that page it says sandbox class not
>> defined.
>> so anyone can guide me through this step by step.
>> Please help me my site has down due to hacking. i want to use for this
>> site
>> http://web.guru99.com/demo-editor-php/
>>
>
> Look at the documentation - you need the runkit PECL class. But that
> has not been updated for seven years and will not compile with PHP
> versions > 5.2. It looks like you're out of luck.
>
> But then while I think what you're trying to do is admirable, I don't
> think you'll be able to stop hacking without pretty much crippling your
> users. Anyone developing (or learning) PHP should have their own
> development environment, anyway.
>
There are other options to "sandbox" the users, suExec will give you
some capabilities and then on you can also run the apache in a chroot
environment. This way you can limit the access through the webserver to
the rest of the server environment and limit the sites from accessing
each others data. I usually apply the suhosin to the php and set a bit
limitation that way too. Doing all that you need of course a Linux/Unix
server.
--
//Aho
|
|
|
Goto Forum:
Current Time: Thu Nov 14 01:29:20 GMT 2024
Total time taken to generate the page: 0.04798 seconds