summaryrefslogtreecommitdiff
path: root/shell/SECURITY
diff options
context:
space:
mode:
Diffstat (limited to 'shell/SECURITY')
-rw-r--r--shell/SECURITY141
1 files changed, 0 insertions, 141 deletions
diff --git a/shell/SECURITY b/shell/SECURITY
deleted file mode 100644
index 888c554..0000000
--- a/shell/SECURITY
+++ /dev/null
@@ -1,141 +0,0 @@
-SECURITY file for PHP Shell
-Copyright (C) 2005-2010 the Phpshell-team
-Licensed under the GNU GPL. See the file COPYING for details.
-
-
-PHP Security
-============
-
-Installing PHP on your server is an inherently dangerous thing to do,
-somewhat similar to the danger one faces when one buys a car: it might
-kill you if you have an accident. On the other hand a car makes so
-many things so much more convenient, so most people are willing to
-accept the risk of accidents.
-
-Likewise, PHP is a powerful tool which will let you build your
-webpages easier and faster than without. But it is a *very* powerful
-tool --- PHP is a full programming language which can be used for
-general purpose programming and not just to format HTML for display in
-a browser.
-
-So PHP has support for reading and writing files on the filesystem.
-But PHP also has support for *deleting* files. PHP even has support
-for executing other programs. In other words, PHP has lots of support
-for interacting with the rest of the computer it runs on. This
-interaction is potentially much more powerful than you want it to, and
-this can be a problem if this power ends up in the wrong hands.
-
-
-What about Safe Mode?
----------------------
-
-As they note in the PHP manual, Safe Mode is an inherently wrong way
-to secure PHP, but is nevertheless used in many installations.
-Turning Safe Mode on in PHP basically tries to restrict the language
-and its functions to make it "safe".
-
-This involves a strict check on file ownership so that PHP wont
-operate on files and directories which are not owned by the owner of
-the current script. Other restrictions in Safe Mode include limits on
-which files can be executed and includes (thus making a primitive form
-of chroot or jail around the PHP script).
-
-PHP Shell is made mostly useless with Safe Mode since it restricts the
-two commands that PHP Shell uses: ``chdir()`` and ``proc_open()``:
-
-* With Safe Mode you cannot change to a directory unless you are the
- owner of that directory. This means that you cannot change to, say,
- ``/etc`` since ``root`` own that directory.
-
- You'll see this when 'cd /etc' results in this error from PHP Shell:
-
- chdir(): SAFE MODE Restriction in effect. The script whose uid is
- 500 is not allowed to access /etc owned by uid 0
- cd: could not change to: /etc
-
-* When Safe Mode is active, PHP forces the argument to ``proc_open()``
- to be escaped, which means that you cannot use normal shell
- wildcards, pipes or any such stuff.
-
- So if you enter 'ls *.txt' in a directory where you know for certain
- that there is a text file ending in '.txt', you will get the
- following error:
-
- /bin/ls: *.txt: No such file or directory
-
- This is because PHP has silently changed the command into 'ls
- \*.txt' to disable the wildcard.
-
-* You cannot execute programs unless they are placed in a directory
- listed in ``safe_mode_exec_dir``. Say you want to execute the
- program ``tr`` (which translates between sets of characters) and you
- get this strange messages back:
-
- sh: line 1: /bin/tr: No such file or directory
-
- Then you have a problem with the ``safe_mode_exec_dir`` setting. In
- this case ``safe_mode_exec_dir`` is set to just ``/bin`` and so PHP
- has forced the shell to execute ``/bin/tr`` and since ``tr`` is
- installed in ``/usr/bin`` it could not be found.
-
- If you have write access to a directory listed in
- ``safe_mode_exec_dir``, then try copying the wanted program there
- first. Executing it should now work.
-
-
-Even without enabling Safe Mode some functions might have been
-disabled via the ``disabled_functions`` setting. If the
-``proc_open()`` function used by PHP Shell has been disabled, then you
-will see an error like this:
-
- Fatal Error!
-
- proc_open() has been disabled for security reasons
-
- in /path/to/your/installation/phpshell.php, line 221.
-
-
-
-PHP Shell Security
-==================
-
-As noted above, PHP is a powerful tool --- how does PHP Shell fit into
-this? PHP Shell is actually quite simple and does one thing: it uses
-the standard PHP function ``proc_open()`` to execute programs.
-
-Executing other programs is probably the most powerful thing you can
-do in PHP, and so PHP Shell gives you a convenient interface to this
-the most powerful feature of PHP. Nothing more.
-
-
-Is PHP Shell Dangerous?
------------------------
-
-Short answer: *yes*! PHP Shell has been used in the past by people
-with not-so-good intentions to destroy valuable content on servers.
-
-The longer answer is that installing PHP Shell is like building a new
-door in your house --- if you leave it unlocked, then people can (and
-probably will!) walk into it and steal your possessions. So you want
-to lock it, and make sure you use a good lock.
-
-With PHP Shell that is equivalent of using a secure password. A
-secure password is one which is hard to guess (make it long, make it
-random, and put both numbers, special characters and normal letters in
-it).
-
- Remember that guessing the password is all that stands between the
- crackers and your files!
-
-If you use a good password, then PHP Shell does not make your system
-any more insecure than it already was. Security is always a matter of
-finding the weakest link in the chain: if you use FTP with a simple
-password for updating your site, then it would be much easier for the
-crackers to attack that instead of trying to guess your super-hard PHP
-Shell password. So make sure that you tighten security on all fronts
-you know of.
-
-
-If you have comments or suggestions for improvements to this little
-guide in system security, then please do not hesitate to contact the
-author at <mgeisler@mgeisler.net>.