Requested PHP Security Patches
A few days ago, one of our users requested that I look into some security features requested 2 years ago on bugs.php.net by Peter Brodersen. The first one is an addition to the session extension that stops attempts to access the session data of another user during SAFE MODE, and the second one is a change in the behaviour of glob() to better obey SAFE MODE and open_basedir restrictions. In plain PHP, glob() allows retrieving a list of all files on the server through the SAFE MODE or open_basedir error messages.
While I consider SAFE MODE and open_basedir broken solutions that should get replaced by proper UNIX file permissions, I created two patches for both problems to make the users happy. The first problem is solved by appending the UID of the script to the session filename during safe_mode and the second one by performing a silent safe_mode/open_basedir check for every single [...]
Original post by blog-admin@nopiracy.de (Stefan Esser) and software by Elliott Back
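The two ideas described in the post, sketched as stand-alone C; this is an added example, not the patches themselves and not code from the PHP source. The function names, the `_<uid>` suffix format, the session id alphabet and the per-match filtering of already-canonical paths are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Alphabet chosen for this example: no '/', '.' or '_', so an id cannot
 * carry path components or imitate the UID suffix. */
static int sid_is_valid(const char *sid) {
    static const char ok[] = "abcdefghijklmnopqrstuvwxyz"
                             "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789,-";
    size_t n = strlen(sid);
    return n > 0 && n <= 128 && strspn(sid, ok) == n;
}

/* Build "<save_path>/sess_<sid>" and, when safe_mode is on, append
 * "_<uid>" (hypothetical suffix format) so a script owned by another
 * UID resolves the same session id to a different file.
 * Returns 0 on success, -1 on invalid id or truncation. */
int session_path(char *out, size_t outlen, const char *save_path,
                 const char *sid, uid_t script_uid, int safe_mode) {
    int n;
    if (!sid_is_valid(sid)) return -1;
    if (safe_mode)
        n = snprintf(out, outlen, "%s/sess_%s_%lu", save_path, sid,
                     (unsigned long)script_uid);
    else
        n = snprintf(out, outlen, "%s/sess_%s", save_path, sid);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Lexical containment test on already-canonical absolute paths.
 * The boundary check stops "/home/alice" from matching "/home/alice2". */
int in_basedir(const char *base, const char *path) {
    size_t n = strlen(base);
    while (n > 1 && base[n - 1] == '/') n--;   /* ignore trailing '/' */
    if (strncmp(base, path, n) != 0) return 0;
    return n == 1 || path[n] == '\0' || path[n] == '/';
}

/* Compact `paths` in place, keeping only entries inside `base`.
 * Rejected entries are dropped without any message, so names outside
 * the restriction never reach the caller or the error log. */
size_t filter_matches(const char *base, const char **paths, size_t count) {
    size_t kept = 0;
    for (size_t i = 0; i < count; i++)
        if (in_basedir(base, paths[i])) paths[kept++] = paths[i];
    return kept;
}
```

The containment test is purely lexical, so callers must resolve symlinks and `..` components (for example with `realpath()`) before passing paths in.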

