1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 22:10:55 +01:00

Raise a setup fatal for 'disable_functions' or 'disable_classes'

Summary:
Fixes T3709. PHP has two configuration options ('disable_functions', 'disable_classes') which allow functions and classes to be blacklisted at runtime.

Since these break things in an unclear way, raise a setup fatal if they are set.

We take a slightly more tailored approach to these in `phd` already, but I'd rather try just saying "no, this is bad" and see if we can get away with it. I suspect we can, and there's no legitimate reason to blacklist functions given that Phabricator must have access to, e.g., `proc_open()`.

Test Plan: {F54058}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3709

Differential Revision: https://secure.phabricator.com/D6739
This commit is contained in:
epriestley 2013-08-13 10:11:05 -07:00
parent f37b315dec
commit b7387f314b

View file

@ -24,6 +24,32 @@ final class PhabricatorSetupCheckPHPConfig extends PhabricatorSetupCheck {
return;
}
// Check for `disable_functions` or `disable_classes`. Although it's
// possible to disable a bunch of functions (say, `array_change_key_case()`)
// and classes and still have Phabricator work fine, it's unreasonably
// difficult for us to be sure we'll even survive setup if these options
// are enabled. Phabricator needs access to the most dangerous functions,
// so there is no reasonable configuration value here which actually
// provides a benefit while guaranteeing Phabricator will run properly.
$disable_options = array('disable_functions', 'disable_classes');
foreach ($disable_options as $disable_option) {
if (ini_get($disable_option)) {
$message = pht(
"You have '%s' enabled in your PHP configuration.\n\n".
"This option is not compatible with Phabricator. Remove ".
"'%s' from your configuration to continue.",
$disable_option,
$disable_option);
$this->newIssue('php.'.$disable_option)
->setIsFatal(true)
->setName(pht('Remove PHP %s', $disable_option))
->setMessage($message)
->addPHPConfig($disable_option);
}
}
$open_basedir = ini_get('open_basedir');
if ($open_basedir) {