Re: Sandbox [message #182079 is a reply to message #182078]
Fri, 05 July 2013 16:53
Jerry Stuckle
On 7/5/2013 12:24 PM, J.O. Aho wrote:
> On 05/07/13 14:25, Jerry Stuckle wrote:
>> On 7/5/2013 7:38 AM, sanjayrathod273(at)gmail(dot)com wrote:
>>> Hey guys, help me.
>>>
>>> I want to use a sandbox for my site's security. Below is the link to the
>>> method which I want to use: http://php.net/manual/en/runkit.sandbox.php.
>>>
>>> But when I run the code from that page it says sandbox class not
>>> defined.
>>> So can anyone guide me through this step by step?
>>> Please help me, my site has gone down due to hacking. I want to use it for this
>>> site
>>> http://web.guru99.com/demo-editor-php/
>>>
>>
>> Look at the documentation - you need the runkit PECL class. But that
>> has not been updated for seven years and will not compile with PHP
>> versions > 5.2. It looks like you're out of luck.
>>
>> But then while I think what you're trying to do is admirable, I don't
>> think you'll be able to stop hacking without pretty much crippling your
>> users. Anyone developing (or learning) PHP should have their own
>> development environment, anyway.
>>
>
> There are other options to "sandbox" the users. suExec will give you
> some capabilities, and then you can also run Apache in a chroot
> environment. This way you can limit the access through the webserver to
> the rest of the server environment and limit the sites from accessing
> each other's data. I usually apply suhosin to PHP and set a bit of
> limitation that way too. To do all that you of course need a Linux/Unix
> server.
>
Yes, but look at his site. He's trying to create an online PHP executor
for people to use. Your suggestions won't help there - it's impossible
to use them to limit access to the files from user-developed code
(evidently executed with eval()) while still making it available to the
installed code.
And limiting things like file functions in his php.ini file will not
only limit the functions for user-developed code, but for the code on
the site itself.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================