Embedding secure scripting language in PHP (req PHP internals expert)

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I need to expose some scripting functionality to novice users in a project  
of mine. What i wonderd was if anyone knew a way of executing secure PHP  
 from within a PHP script or an alternative embedded scripting method? Some  
interaction between the PHP script host and the secure embedded script are  

I'm currently i'm playing with ASP.NET(C#) and embeded  
jscript(spidermonkey) via managed C++ library but it's quite alot of work,  

I already know about runkit but last time i checked it was pretty broken  
and lacked execution time limits; I also emailed the author but got no  
reply. Perhaps just fixing runkit myself would be a simpler option? Is  
this a viable option, can runkit be fixed up to properly secure a PHP  
context? Spawning a seperate process for every request is pretty much out  
of the question as it's too expensive for what i have in mind, this is for  
a windows host so.

I need to allow looping, branching and basic PHP features but no access to  
OS resources and absolutely no file system access. I'd also need a way to  
impose memory and CPU time restrictions.

Thanks for any help.
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

Re: Embedding secure scripting language in PHP (req PHP internals expert)

<snip />

Quoted text here. Click to load it

hehe sounds a lot like a plain vanilla shared hosting account :-)

one host I deal with will let you do limited system things like
system("ls -l",$ret);
but won't let you do chmod,create or write to a file (unless directory
permissions are set to 757) since php comes in as an other user.

I guess you could always redefine system, fopen and a few other functions so
that they allow url opeing where appropriate but not local files.
and then make it so that the code interface is via php so you control what
gets uploaded and run.

and you can set both timeout and max memory usage in php.ini

Re: Embedding secure scripting language in PHP (req PHP internals expert)

On Fri, 29 Sep 2006 06:55:46 +0100, Johnny  

Quoted text here. Click to load it

I think this is what runkit does through its extension; it creates another  
PHP context and hooks certain PHP functions to control access and usage.  
Using file system restrictions probably wont work because the host script  
does need database/filesystem/network access, it's just the restricted PHP  
that shouldnt be allow todo anything but access a provided API and perform  
basic PHP language operations. There is afaik no way you can provide a  
restricted "eval" like you can in other languages, like Lua. Lua really is  
ideal for this sort of restriction but it's an extremely basic quirky  
language which is no good atall for web development.

I think runkit might be my soloution but i can only get it to compile  
statically linked which means i'm probably going to have to do a complete  
build of PHP on windows, not tham i'm affraid of getting my hands dirty  
it's just more work i dont need.

I guess im still weighing up whether ASP.NET + Spidermonkey will be a  
better soloution than doing a complete rebuild of PHP + fixed runkit.  
Fixing runkit looks like im really going to have todo my homework on the  
PHP Zend engine and go on a serious bug hunt. I found some pretty basic  
bugs in runkit that i wasn't expecting to find. Things like not allocating  
space and corrupting the stack.... made me lose a little faith in runkits  

I really need some PHP internals guru to chime in.

Site Timeline