From 77912fb35c22a505a2602c400a6b41584ed71d88 Mon Sep 17 00:00:00 2001
From: Jeroen van Wolffelaar <jeroen@php.net>
Date: Tue, 31 Jul 2001 22:28:30 +0000
Subject: [PATCH] - More correct safe-mode documentation - Partially added
 warnings to the functions themselves - Small xml-id fix in cybermut

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@52878 c90b9560-bf6c-de11-be94-00142212c4b1
---
 features/safe-mode.xml   | 116 +++++++++++++++++++++++----------------
 functions/cybermut.xml   |   6 +-
 functions/dbase.xml      |   1 +
 functions/dbm.xml        |   1 +
 functions/filepro.xml    |   3 +
 functions/filesystem.xml |   2 +
 functions/info.xml       |   5 ++
 functions/pgsql.xml      |   1 +
 functions/posix.xml      |   1 +
 9 files changed, 87 insertions(+), 49 deletions(-)

diff --git a/features/safe-mode.xml b/features/safe-mode.xml
index 22f6adf0aa..deef2fbd0c 100644
--- a/features/safe-mode.xml
+++ b/features/safe-mode.xml
@@ -1,4 +1,4 @@
- <!-- $Revision: 1.6 $ -->
+ <!-- $Revision: 1.7 $ -->
  <chapter id="features.safe-mode">
   <title>Safe mode</title>
 
@@ -107,20 +107,24 @@ Warning: readfile() has been disabled for security reasons in
         <entry>&sm.uidcheck;</entry>
        </row>
        <row>
-        <entry><function>imap_thread</function></entry>
-        <entry>??</entry>
+        <entry><function>ifx_*</function></entry>
+        <entry>sql_safe_mode restrictions, (!= safe-mode)</entry>
+        <!-- TODO: more info on sql-safe-mode -->
        </row>
        <row>
-        <entry><function>ifxus_tell_slob</function></entry>
-        <entry>??</entry>
+        <entry><function>ingres_*</function></entry>
+        <entry>sql_safe_mode restrictions, (!= safe-mode)</entry>
+        <!-- TODO: more info on sql-safe-mode -->
        </row>
        <row>
-        <entry><function>muscat_close</function></entry>
-        <entry>??</entry>
+        <entry><function>mysql_*</function></entry>
+        <entry>sql_safe_mode restrictions, (!= safe-mode)</entry>
+        <!-- TODO: more info on sql-safe-mode -->
        </row>
        <row>
         <entry><function>pg_loimport</function></entry>
         <entry>&sm.uidcheck;</entry>
+        <!-- source TODO: there is no PHP-warning for that safe-mode-restriction -->
        </row>
        <row>
         <entry><function>posix_mkfifo</function></entry>
@@ -128,27 +132,64 @@ Warning: readfile() has been disabled for security reasons in
        </row>
        <row>
         <entry><function>putenv</function></entry>
-        <entry>??</entry>
+        <entry>Obeys the safe_mode_protected_env_vars and 
+        safe_mode_allowed_env_vars ini-directives. See also the documentation
+        on <function>putenv</function></entry>
+        <!-- TODO: document those directives in chapters/config.xml -->
        </row>
        <row>
         <entry><function>move_uploaded_file</function></entry>
-        <entry>&sm.uidcheck;</entry>
+        <entry>&sm.uidcheck; <!-- TODO: check this --></entry>
        </row>
+
+       <!-- TODO: from here on, add warning to the function itself -->
+
        <row>
         <entry><function>chdir</function></entry>
         <entry>&sm.uidcheck.dir;</entry>
        </row>
        <row>
         <entry><function>dl</function></entry>
-        <entry>??</entry>
+        <entry>&sm.disabled;</entry>
        </row>
        <row>
-        <entry><function>shell_exec</function></entry>
-        <entry>??</entry>
+        <entry><link linkend="language.operators.execution">backtick operator</link></entry>
+        <entry>&sm.disabled;</entry>
+       </row>
+       <row>
+        <entry><function>shell_exec</function> (functional equivalent 
+        of backticks)</entry>
+        <entry>&sm.disabled;</entry>
+       </row>
+       <row>
+        <entry><function>exec</function></entry>
+        <entry>You can only execute executables within the <link 
+        linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
+        For practical reasons it's currently not allowed to have
+        <literal>..</literal> components in the path to the executable.</entry>
+       </row>
+       <row>
+        <entry><function>system</function></entry>
+        <entry>You can only execute executables within the <link 
+        linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
+        For practical reasons it's currently not allowed to have
+        <literal>..</literal> components in the path to the executable.</entry>
+       </row>
+       <row>
+        <entry><function>passthru</function></entry>
+        <entry>You can only execute executables within the <link 
+        linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
+        For practical reasons it's currently not allowed to have
+        <literal>..</literal> components in the path to the executable.</entry>
        </row>
        <row>
         <entry><function>popen</function></entry>
-        <entry>&sm.uidcheck.dir; <!-- not sure!! --></entry>
+        <entry>You can only execute executables within the <link 
+        linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
+        For practical reasons it's currently not allowed to have
+        <literal>..</literal> components in the path to the executable.</entry>
+        <!-- TODO: not sure. popen uses a completely different implementation
+        Don't know why, don't know whether it's behaving the same -->
        </row>
        <row>
         <entry><function>mkdir</function></entry>
@@ -160,15 +201,17 @@ Warning: readfile() has been disabled for security reasons in
        </row>
        <row>
         <entry><function>rename</function></entry>
-        <entry>&sm.uidcheck; <!-- on the old name only, it seems --></entry>
+        <entry>&sm.uidcheck; &sm.uidcheck.dir;<!-- on the old name only, it seems. Is rename preventing moving files? --></entry>
        </row>
        <row>
         <entry><function>unlink</function></entry>
-        <entry>&sm.uidcheck;</entry>
+        <entry>&sm.uidcheck; &sm.uidcheck.dir;</entry>
        </row>
        <row>
         <entry><function>copy</function></entry>
-        <entry>&sm.uidcheck; <!-- source AND target,should be noted --></entry>
+        <entry>&sm.uidcheck; &sm.uidcheck.dir; (on 
+        <parameter>source</parameter> and 
+        <parameter>target</parameter>) </entry>
        </row>
        <row>
         <entry><function>chgrp</function></entry>
@@ -180,48 +223,29 @@ Warning: readfile() has been disabled for security reasons in
        </row>
        <row>
         <entry><function>chmod</function></entry>
-        <entry>&sm.uidcheck; <!-- there is more than this, 
-        i believe you can't set the SUID/SGID/sticky bits? --></entry>
+        <entry>&sm.uidcheck; In addition, you cannot  
+        set the SUID, SGID and sticky bits</entry>
        </row>
        <row>
         <entry><function>touch</function></entry>
-        <entry>&sm.uidcheck;</entry>
+        <entry>&sm.uidcheck; &sm.uidcheck.dir;</entry>
        </row>
        <row>
         <entry><function>symlink</function></entry>
-        <entry>&sm.uidcheck; <!-- only link-target, it seems? --></entry>
+        <entry>&sm.uidcheck; &sm.uidcheck.dir; (note: only the target is 
+        checked)</entry>
        </row>
        <row>
         <entry><function>link</function></entry>
-        <entry>&sm.uidcheck; <!-- only link-target, it seems? --></entry>
-       </row>
-       <row>
-        <entry><function>ob_gzhandler</function></entry>
-        <entry>&sm.uidcheck;</entry>
+        <entry>&sm.uidcheck; &sm.uidcheck.dir; (note: only the target is 
+        checked)</entry>
        </row>
        <row>
         <entry><function>getallheaders</function></entry>
-        <entry>??</entry>
-       </row>
-       <row>
-        <entry><function>exec</function></entry>
-        <entry>??</entry>
-       </row>
-       <row>
-        <entry><function>system</function></entry>
-        <entry>??</entry>
-       </row>
-       <row>
-        <entry><function>passthru</function></entry>
-        <entry>??</entry>
-       </row>
-       <row>
-        <entry><function>mail</function></entry>
-        <entry>??</entry>
-       </row>
-       <row>
-        <entry><link linkend="language.operators.execution">backtick operator</link></entry>
-        <entry>??</entry>
+        <entry>In safe-mode, headers beginning with 'authorization' 
+        (case-insensitive)
+        will not be returned. Warning: this is broken with the aol-server
+        implementation of <function>getallheaders</function>!</entry>
        </row>
        <row>
         <entry>Any function that uses 
diff --git a/functions/cybermut.xml b/functions/cybermut.xml
index 7725ef2e53..83cfb20567 100755
--- a/functions/cybermut.xml
+++ b/functions/cybermut.xml
@@ -40,7 +40,7 @@
    </note>
   </partintro>
 
-  <refentry id="function.cybermut_creerformulairecm">
+  <refentry id="function.cybermut-creerformulairecm">
    <refnamediv>
     <refname>cybermut_creerformulairecm</refname> 
     <refpurpose>Generate HTML form of request for payment</refpurpose>
@@ -104,7 +104,7 @@ $VERSION="1.2";
    </refsect1>
   </refentry>
 
-  <refentry id="function.cybermut_testmac">
+  <refentry id="function.cybermut-testmac">
    <refnamediv>
     <refname>cybermut_testmac</refname> 
     <refpurpose>
@@ -177,7 +177,7 @@ if ($mac_ok) {
    </refsect1>
   </refentry>
 
-  <refentry id="function.cybermut_creerreponsecm">
+  <refentry id="function.cybermut-creerreponsecm">
    <refnamediv>
     <refname>cybermut_creerreponsecm</refname>
     <refpurpose>
diff --git a/functions/dbase.xml b/functions/dbase.xml
index 00a0f110ec..a0711b7983 100644
--- a/functions/dbase.xml
+++ b/functions/dbase.xml
@@ -147,6 +147,7 @@ if (!dbase_create($dbname, $def))
      Returns a dbase_identifier for the opened database, or &false; if
      the database couldn't be opened.
     </para>
+	&note.sm.uidcheck;
    </refsect1>
   </refentry>
 
diff --git a/functions/dbm.xml b/functions/dbm.xml
index 7d6f76ebb1..0d992b87f2 100644
--- a/functions/dbm.xml
+++ b/functions/dbm.xml
@@ -67,6 +67,7 @@ dbmclose ($dbm);
      information on DBM files, see your Unix man pages, or obtain
      <ulink url="&url.gdbm;">GNU's GDBM</ulink>.
     </para>
+    &note.sm.uidcheck;
    </refsect1>
   </refentry>
 
diff --git a/functions/filepro.xml b/functions/filepro.xml
index fa4eaf433f..93347275d7 100644
--- a/functions/filepro.xml
+++ b/functions/filepro.xml
@@ -29,6 +29,7 @@
     <para>
      No locking is done, so you should avoid modifying your filePro
      database while it may be opened in PHP.</para>
+	&note.sm.uidcheck;
    </refsect1>
   </refentry>
 
@@ -102,6 +103,7 @@
     </funcsynopsis>
     <para>
      Returns the data from the specified location in the database.</para>
+	&note.sm.uidcheck;
    </refsect1>
   </refentry>
 
@@ -141,6 +143,7 @@
     </funcsynopsis>
     <para>
      Returns the number of rows in the opened filePro database.</para>
+	&note.sm.uidcheck;
     <para>
      See also <function>filepro</function>.</para>
    </refsect1>
diff --git a/functions/filesystem.xml b/functions/filesystem.xml
index 306c3937e9..b4946e4e35 100644
--- a/functions/filesystem.xml
+++ b/functions/filesystem.xml
@@ -2136,6 +2136,8 @@ mkdir ("/path/to/my/dir", 0700);
      system.
     </para>
 
+    &note.sm.uidcheck;
+
     <para>
      See also <function>is_uploaded_file</function>, and the section
      <link linkend="features.file-upload">Handling file uploads</link>
diff --git a/functions/info.xml b/functions/info.xml
index 12e19891cb..b7c4e74495 100644
--- a/functions/info.xml
+++ b/functions/info.xml
@@ -1332,6 +1332,11 @@ if (substr(php_uname(), 0, 7) == "Windows") {
      These variables will be protected even if <literal>safe_mode_allowed_env_vars</literal>
      is set to allow to change them.
     </para>
+    <warning>
+     <para>
+      These directives have only effect when <link linkend="features.safe-mode">safe-mode</link> itself is enabled!
+     </para>
+    </warning>
     <para>
      <example>
       <title>Setting an Environment Variable</title>
diff --git a/functions/pgsql.xml b/functions/pgsql.xml
index f934bea382..06e882172c 100644
--- a/functions/pgsql.xml
+++ b/functions/pgsql.xml
@@ -907,6 +907,7 @@ for ($i=0; $i&lt;$num; $i++) {
      object otherwise. Remember that handling large objects in
      PostgreSQL must happen inside a transaction.
     </para>
+	&note.sm.uidcheck;
    </refsect1>
   </refentry>
 
diff --git a/functions/posix.xml b/functions/posix.xml
index 0222aee17e..cd24da5565 100644
--- a/functions/posix.xml
+++ b/functions/posix.xml
@@ -578,6 +578,7 @@
     <para>
      Needs to be written ASAP.
     </para>
+	&note.sm.uidcheck.dir;
    </refsect1>
   </refentry>