Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

PHP sandbox/sanitize code passed to create_function

I am using create_function to run some user-code at server end. I am looking for any of these two:

  1. Is there a way to sanitize the code passed to it to prevent something harmful from executing?
  2. Alternately, is there a way to specify this code to be run in a sandboxed environment so that the user can't play around with anything else.

Thanks!

like image 892
kpowerinfinity Avatar asked Jul 13 '26 15:07

kpowerinfinity


2 Answers

http://php.net/runkit

like image 170
bernedef Avatar answered Jul 16 '26 06:07

bernedef


You could use the tonkenizer to figure out what the code will do, then whitelist certain functions and operations. I think it would end up being very difficult (or impossible) to make it foolproof, especially given PHP's flexibility:

$f = "shell_exec";
$arg = 'rm -rf /';

$f($arg); // ouch
call_user_func($f, $arg); // ouch
eval("$f('$arg');"); // ouch

$newF = create_user_function('', "$f('$arg');");
$newF(); // ouch

The only kind of sandbox that will give you 100% security (well, 99.9%...) is a virtual machine you can just throw away afterwards.

like image 24
Greg Avatar answered Jul 16 '26 07:07

Greg



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!