diff options
author | Alex Dupre <ale@FreeBSD.org> | 2006-10-16 09:30:58 +0000 |
---|---|---|
committer | Alex Dupre <ale@FreeBSD.org> | 2006-10-16 09:30:58 +0000 |
commit | d754180768ceb88d6503eb611b91f8153d84da04 (patch) | |
tree | 194f945e56fcc78457c3972839630e2725b992a3 /lang/php5 | |
parent | bd8cad365fc9eb1b277be684a8e514264681eec2 (diff) | |
download | ports-d754180768ceb88d6503eb611b91f8153d84da04.tar.gz ports-d754180768ceb88d6503eb611b91f8153d84da04.zip |
Notes
Diffstat (limited to 'lang/php5')
-rw-r--r-- | lang/php5/Makefile | 2 | ||||
-rw-r--r-- | lang/php5/files/patch-ext_standard_dir.c | 20 | ||||
-rw-r--r-- | lang/php5/files/patch-main_php_open_temporary_file.c | 43 | ||||
-rw-r--r-- | lang/php5/files/patch-php.ini-dist | 18 | ||||
-rw-r--r-- | lang/php5/files/patch-php.ini-recommended | 18 |
5 files changed, 100 insertions, 1 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile index e0d2013da065..90bd0d34af2c 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -7,7 +7,7 @@ PORTNAME= php5 PORTVERSION= 5.1.6 -PORTREVISION?= 1 +PORTREVISION?= 2 CATEGORIES?= lang devel www MASTER_SITES= ${MASTER_SITE_PHP:S,$,:release,} \ http://downloads.php.net/ilia/:rc \ diff --git a/lang/php5/files/patch-ext_standard_dir.c b/lang/php5/files/patch-ext_standard_dir.c new file mode 100644 index 000000000000..58a6bccb9cfe --- /dev/null +++ b/lang/php5/files/patch-ext_standard_dir.c @@ -0,0 +1,20 @@ +--- ext/standard/dir.c.orig Mon Oct 16 07:08:36 2006 ++++ ext/standard/dir.c Mon Oct 16 07:08:40 2006 +@@ -16,7 +16,7 @@ + +----------------------------------------------------------------------+ + */ + +-/* $Id: dir.c,v 1.147.2.3 2006/02/26 10:49:50 helly Exp $ */ ++/* $Id: dir.c,v 1.147.2.3.2.1 2006/10/04 23:19:25 iliaa Exp $ */ + + /* {{{ includes/startup/misc */ + +@@ -286,7 +286,7 @@ + RETURN_FALSE; + } + +- if (PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { ++ if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) { + RETURN_FALSE; + } + ret = VCWD_CHDIR(str); diff --git a/lang/php5/files/patch-main_php_open_temporary_file.c b/lang/php5/files/patch-main_php_open_temporary_file.c new file mode 100644 index 000000000000..85f7c51ab47d --- /dev/null +++ b/lang/php5/files/patch-main_php_open_temporary_file.c @@ -0,0 +1,43 @@ +--- main/php_open_temporary_file.c.orig Mon Oct 16 07:21:14 2006 ++++ main/php_open_temporary_file.c Mon Oct 16 07:22:00 2006 +@@ -16,7 +16,7 @@ + +----------------------------------------------------------------------+ + */ + +-/* $Id: php_open_temporary_file.c,v 1.34.2.2 2006/05/23 23:22:26 iliaa Exp $ */ ++/* $Id: php_open_temporary_file.c,v 1.34.2.1.2.4 2006/10/13 01:11:30 iliaa Exp $ */ + + #include "php.h" + +@@ -206,6 +206,7 @@ + PHPAPI int php_open_temporary_fd(const char *dir, const char *pfx, char **opened_path_p TSRMLS_DC) + { + int fd; ++ const char *temp_dir; + + if (!pfx) { + pfx = "tmp."; +@@ -214,11 +215,22 @@ + *opened_path_p = NULL; + } + ++ if (!dir || *dir == '\0') { ++def_tmp: ++ temp_dir = php_get_temporary_directory(); ++ ++ if (temp_dir && *temp_dir != '\0' && !php_check_open_basedir(temp_dir TSRMLS_CC)) { ++ return php_do_open_temporary_file(temp_dir, pfx, opened_path_p TSRMLS_CC); ++ } else { ++ return -1; ++ } ++ } ++ + /* Try the directory given as parameter. */ + fd = php_do_open_temporary_file(dir, pfx, opened_path_p TSRMLS_CC); + if (fd == -1) { + /* Use default temporary directory. */ +- fd = php_do_open_temporary_file(php_get_temporary_directory(), pfx, opened_path_p TSRMLS_CC); ++ goto def_tmp; + } + return fd; + } diff --git a/lang/php5/files/patch-php.ini-dist b/lang/php5/files/patch-php.ini-dist new file mode 100644 index 000000000000..6d84f3a80891 --- /dev/null +++ b/lang/php5/files/patch-php.ini-dist @@ -0,0 +1,18 @@ +--- php.ini-dist.orig Fri Dec 30 18:19:43 2005 ++++ php.ini-dist Mon Oct 16 08:12:28 2006 +@@ -165,6 +165,15 @@ + + ; Safe Mode + ; ++; SECURITY NOTE: The FreeBSD Security Officer strongly recommend that ++; the PHP Safe Mode feature not be relied upon for security, since the ++; issues Safe Mode tries to handle cannot properly be handled in PHP ++; (primarily due to PHP's use of external libraries). While many bugs ++; in Safe Mode has been fixed it's very likely that more issues exist ++; which allows a user to bypass Safe Mode restrictions. ++; For increased security we always recommend to install the Suhosin ++; extension. ++; + safe_mode = Off + + ; By default, Safe Mode does a UID compare check when diff --git a/lang/php5/files/patch-php.ini-recommended b/lang/php5/files/patch-php.ini-recommended new file mode 100644 index 000000000000..7b648b1ea0b5 --- /dev/null +++ b/lang/php5/files/patch-php.ini-recommended @@ -0,0 +1,18 @@ +--- php.ini-recommended.orig Fri Dec 30 18:19:43 2005 ++++ php.ini-recommended Mon Oct 16 08:13:05 2006 +@@ -223,6 +223,15 @@ + ; + ; Safe Mode + ; ++; SECURITY NOTE: The FreeBSD Security Officer strongly recommend that ++; the PHP Safe Mode feature not be relied upon for security, since the ++; issues Safe Mode tries to handle cannot properly be handled in PHP ++; (primarily due to PHP's use of external libraries). While many bugs ++; in Safe Mode has been fixed it's very likely that more issues exist ++; which allows a user to bypass Safe Mode restrictions. ++; For increased security we recommend to always install the Suhosin ++; extension. ++; + safe_mode = Off + + ; By default, Safe Mode does a UID compare check when |