Date: Sun, 27 Jan 2008 12:44:52 +0000 From: Thomas Hurst <tom.hurst@clara.net> To: Miroslav Lachman <000.fbsd@quip.cz> Cc: freebsd-performance@freebsd.org Subject: Re: PHP with open_basedir performance problem Message-ID: <20080127124452.GA21973@voi.aagh.net> In-Reply-To: <479C7859.2060703@quip.cz> References: <479B1185.8020604@quip.cz> <20080127112911.GA4024@voi.aagh.net> <479C7859.2060703@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
* Miroslav Lachman (000.fbsd@quip.cz) wrote:
> As I reported a year ago - problem occured in 5.1.6 (maybe 5.1.5 - I
> never tried it, I jumped from 5.1.4 to 5.1.6 or newer). Can somebody
> look at PHP sources of those two versions and find the "bad change"?
Handily I have 5.1.4 sources right next to my copy of trunk PHP5;
main/fopen_wrappers.c php_check_specific_open_basedir() is about half
the size there, and doesn't perform any readlink() calls, so it's
probably vulnerable to escaping the basedir using symlinks, but
considerably faster.
--
Thomas 'Freaky' Hurst
http://hur.st/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080127124452.GA21973>