forked from welltime/phpagi
-
Notifications
You must be signed in to change notification settings - Fork 0
/
phpagi-fastagi.php
executable file
·79 lines (67 loc) · 2.29 KB
/
phpagi-fastagi.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/usr/local/bin/php -q
<?php
/**
* phpagi-fastagi.php : PHP FastAGI bootstrap
* @see https://github.com/welltime/phpagi
* @filesource http://phpagi.sourceforge.net/
*
* $Id: phpagi-fastagi.php,v 1.2 2005/05/25 18:43:48 pinhole Exp $
*
* Copyright (c) 2004, 2005 Matthew Asham <matthewa@bcwireless.net>, David Eder <david@eder.us>
* All Rights Reserved.
*
* This software is released under the terms of the GNU Lesser General Public License v2.1
* A copy of which is available from http://www.gnu.org/copyleft/lesser.html
*
* We would be happy to list your phpagi based application on the phpagi
* website. Drop me an Email if you'd like us to list your program.
*
* @package phpAGI
* @version 2.0
* @example docs/fastagi.xinetd Example xinetd config file
*/
/**
* Written for PHP 4.3.4, should work with older PHP 4.x versions.
* Please submit bug reports, patches, etc to https://github.com/welltime/phpagi
*
*/
require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'phpagi.php');
$fastagi = new AGI();
$fastagi->verbose(print_r($fastagi, true));
if(!isset($fastagi->config['fastagi']['basedir']))
$fastagi->config['fastagi']['basedir'] = dirname(__FILE__);
// perform some security checks
$script = $fastagi->config['fastagi']['basedir'] . DIRECTORY_SEPARATOR . $fastagi->request['agi_network_script'];
// in the same directory (or subdirectory)
$mydir = dirname($fastagi->config['fastagi']['basedir']) . DIRECTORY_SEPARATOR;
$dir = dirname($script) . DIRECTORY_SEPARATOR;
if(substr($dir, 0, strlen($mydir)) != $mydir)
{
$fastagi->conlog("$script is not allowed to execute.");
exit;
}
// make sure it exists
if(!file_exists($script))
{
$fastagi->conlog("$script does not exist.");
exit;
}
// drop privileges
if(isset($fastagi->config['fastagi']['setuid']) && $fastagi->config['fastagi']['setuid'])
{
$owner = fileowner($script);
$group = filegroup($script);
if(!posix_setgid($group) || !posix_setegid($group) || !posix_setuid($owner) || !posix_seteuid($owner))
{
$fastagi->conlog("failed to lower privileges.");
exit;
}
}
// make sure script is still readable
if(!is_readable($script))
{
$fastagi->conlog("$script is not readable.");
exit;
}
require_once($script);
?>