[nycphp-talk] PHP DLOpen Vulnerability WAS: php problems from SecurityFocus Newsletter # 210
hans at nyphp.org
Tue Aug 19 16:43:16 EDT 2003
Analysis & Solutions wrote:
> Howdy Again:
> On Tue, Aug 19, 2003 at 11:09:27AM -0400, Analysis & Solutions wrote:
>>Is this a function that's used by PHP internals or something?
> As it turns out, yes it is something in PHP's source code. I wrote
> Security Focus to have them clarify such in the database/webpage and to
> fix the broken links to the exploit code. They responded accordingly.
As Max pointed out, dlopen() will load a shared object, akin to dl() in PHP-land (IIRC). But I still don't see how this is a valid security hole. When you load a shared object, it's implied that it'll have access to the process. It's like saying: my apartment's front door is a vulnerability because when I invite someone in, they can see my apartment.
It's quite possible I'm missing something, but I wish securityfocus.com would acknowledge this as erroneous. Although I'm not holding my breath.