From 1b7ec50b72559b21bd9631b74213a34f9d75e830 Mon Sep 17 00:00:00 2001 From: Ben Fuhrmannek Date: Fri, 4 Mar 2016 09:51:24 +0100 Subject: added open_basedir protection against symlink --- tests/executor/allow_symlink_off.phpt | 24 ++++++++++++++++++++++++ tests/executor/allow_symlink_on.phpt | 22 ++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 tests/executor/allow_symlink_off.phpt create mode 100644 tests/executor/allow_symlink_on.phpt diff --git a/tests/executor/allow_symlink_off.phpt b/tests/executor/allow_symlink_off.phpt new file mode 100644 index 0000000..8abdee8 --- /dev/null +++ b/tests/executor/allow_symlink_off.phpt @@ -0,0 +1,24 @@ +--TEST-- +suhosin.executor.allow_symlink=Off +--SKIPIF-- + +--INI-- +error_reporting=E_ALL +open_basedir= +suhosin.log.syslog=0 +suhosin.log.sapi=0 +suhosin.log.script=0 +suhosin.log.file=255 +suhosin.log.file.time=0 +suhosin.log.file.name={PWD}/suhosintest.$$.log.tmp +auto_append_file={PWD}/suhosintest.$$.log.tmp +suhosin.executor.allow_symlink=Off +--FILE-- + +--EXPECTF-- +Warning: symlink() expects exactly 2 parameters, 0 given in %s on line 2 +ALERT - symlink called during open_basedir (attacker 'REMOTE_ADDR not set', file '%s', line 4) diff --git a/tests/executor/allow_symlink_on.phpt b/tests/executor/allow_symlink_on.phpt new file mode 100644 index 0000000..dbf902c --- /dev/null +++ b/tests/executor/allow_symlink_on.phpt @@ -0,0 +1,22 @@ +--TEST-- +suhosin.executor.allow_symlink=On +--SKIPIF-- + +--INI-- +error_reporting=E_ALL +open_basedir= +suhosin.log.stdout=255 +suhosin.log.script=0 +suhosin.log.syslog=0 +suhosin.log.sapi=0 +suhosin.executor.allow_symlink=On +--FILE-- + +--EXPECTF-- +Warning: symlink() expects exactly 2 parameters, 0 given in %s on line 2 + +Warning: symlink() expects exactly 2 parameters, 0 given in %s on line 4 -- cgit v1.3