How CHUID Works
This doc describes what CHUID does when run under different SAPIs and threading models.
Blueprint information
- Status: Not started
- Approver: None
- Priority: Undefined
- Drafter: None
- Direction: Needs approval
- Assignee: Volodymyr Kolesnykov
- Definition: Drafting
- Series goal: Accepted for 0.4
- Implementation: Unknown
- Milestone target: None
- Started by:
- Completed by:
Whiteboard
UIDs/GIDs are changed during the zend_activate phase.
GID can be:
* forced — set with chuid.force_gid;
* never changed — when chuid.no_set_gid is set;
* "default" — when chuid fails to find the owner of the DocumentRoot OR when the owner is root and chuid.never_root is set;
* the same as DocumentRoot's owner.
When the GID is forced, chuid drops the CAP_SETGID capability.
CLI/CGI SAPI: setuid()/setgid() are used. For the CLI SAPI the chuid module can be disabled with the chuid.cli_disable php.ini setting. UID/GID are NOT restored on post_zend_
Others/non-ZTS: setresuid(
setresgid(gid, gid, 0);
setresuid(uid, uid, 0);
During post_zend_
setresuid(
setresgid(
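To make the GID rules above and the non-ZTS setresgid()/setresuid() sequence concrete, here is an added C example that is not chuid's own code: chuid_cfg, chuid_pick_gid, chuid_activate and chuid_deactivate are hypothetical names, the fallback IDs used for the "default" case and the exact restore calls at deactivate are assumptions of this example, and the switch itself only succeeds with CAP_SETUID/CAP_SETGID (i.e. as root).

```c
#define _GNU_SOURCE   /* setresuid()/setresgid() are Linux extensions */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
extern int setresuid(uid_t, uid_t, uid_t);   /* in case _GNU_SOURCE came too late */
extern int setresgid(gid_t, gid_t, gid_t);
/* chuid.force_gid / chuid.no_set_gid / chuid.never_root from the page; the
   fallback IDs for the "default" case are an assumption of this example. */
struct chuid_cfg {
    int force_gid, no_set_gid, never_root;
    uid_t default_uid;
    gid_t default_gid;
};

/* The four GID cases from the whiteboard, checked in the order listed there.
   owner_found == 0 means the DocumentRoot owner could not be determined. */
gid_t chuid_pick_gid(const struct chuid_cfg *c, int owner_found,
                     uid_t owner_uid, gid_t owner_gid, gid_t current_gid) {
    if (c->force_gid > 0) return (gid_t)c->force_gid;          /* forced */
    if (c->no_set_gid) return current_gid;                     /* never changed */
    if (!owner_found || (owner_uid == 0 && c->never_root))
        return c->default_gid;                                 /* "default" */
    return owner_gid;                                          /* DocumentRoot's owner */
}

/* Non-ZTS zend_activate: real and effective IDs change, the saved IDs stay 0
   so the switch is reversible. Group first, while the process may still set it. */
int chuid_activate(uid_t uid, gid_t gid) {
    if (setresgid(gid, gid, 0) != 0) return -1;
    if (setresuid(uid, uid, 0) != 0) return -1;
    return 0;
}

/* Assumed deactivate counterpart: return to root through the saved ID of 0. */
int chuid_deactivate(void) {
    if (setresuid(0, 0, 0) != 0) return -1;
    return setresgid(0, 0, 0) == 0 ? 0 : -1;
}
int main(int argc, char **argv) {
    struct chuid_cfg cfg = { 0, 0, 1, 65534, 65534 };   /* constructed: nobody/nogroup */
    struct stat st = { 0 };
    int found = stat(argc > 1 ? argv[1] : "/var/www", &st) == 0;   /* DocumentRoot lookup */
    gid_t gid = chuid_pick_gid(&cfg, found, st.st_uid, st.st_gid, getgid());
    uid_t uid = (!found || (st.st_uid == 0 && cfg.never_root)) ? cfg.default_uid : st.st_uid;
    if (chuid_activate(uid, gid) != 0) { perror("chuid_activate (needs CAP_SETUID/CAP_SETGID)"); return 1; }
    printf("request runs as uid=%u gid=%u\n", (unsigned)geteuid(), (unsigned)getegid());
    return chuid_deactivate() == 0 ? 0 : 1;
}
```

Run it with a DocumentRoot path as the first argument; without root privileges the activate step fails with EPERM, which is the expected result and the reason the module needs the capabilities listed below.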
Others/ZTS: currently does not work.
How it should work:
* zend_activate: setfsuid(uid); setfsgid(gid);
* post_zend_
* necessary caps: CAP_SETUID and CAP_SETGID.
CAPABILITIES
CAP_SYS_CHROOT is used to do a "global chroot"; it is dropped right after that.
Non-ZTS: CAP_DAC_
ZTS: CAP_DAC_READ_SEARCH