php-chuid

How CHUID Works

Registered by Volodymyr Kolesnykov

This doc describes what CHUID does when run under different SAPIs and threading models.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
Volodymyr Kolesnykov
Definition:
Drafting
Series goal:
Accepted for 0.4
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

UIDs/GIDs are changed during zend_activate phase.

GID can be:
* forced — set with chuid.force_gid;
* never changed — when chuid.no_set_gid is set;
* "default" — when chuid fails to find the owner of the DocumentRoot OR when the owner is root and chuid.never_root is set;
* the same as DocumentRoot's owner.

When GID is forced, chuid drops CAP_SETGID capability.

CLI/CGI SAPI: setuid()/setgid() are used. For CLI SAPI chuid module can be disabled with chuid.cli_disable php.ini setting. UID/GID are NOT restored on post_zend_deactivate phase.

Others/non-ZTS: setresuid()/setresgid() are used:

setresgid(gid, gid, 0);
setresuid(uid, uid, 0);

During post_zend_deactivate phase:

setresuid(original_uid, original_euid, 0);
setresgid(original_gid, original_egid, 0);

Others/ZTS: currently does not work.
How it should work:
* zend_activate: setfsuid(uid); setfsgid(gid);
* post_zend_deactivate: setfsuid(orig_uid); setfsgid(orig_gid);
* necessary caps: CAP_SETUID and CAP_SETGID.

CAPABILITIES

CAP_SYS_CHROOT is used to do a "global chroot"; dropped right after that.

Non-ZTS: CAP_DAC_READ_SEARCH, CAP_SETUID, CAP_SETGID
ZTS: CAP_DAC_READ_SEARCH

(?)

Work Items

Nearby

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.