Protecting .php files from being modified

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Protecting .php files from being modified

Post by kaisellgren »

Hi,

I have an open source project and I would like to prevent people from modifying one .php file. I have been thinking a lot. I would not like to put zend encoding on the file or other alternatives. I've been thinking about making an automatic update system that updates all project files (also back to normal state if someone modified).

Any ideas?
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Protecting .php files from being modified

Post by Mordred »

1. It would not be open source if you put restrictions like this.
2. You can do some smart things to fool the dumb users, but as soon as a smart user figures it out, your "protection" is gone.
3. Maybe you should describe the problem more thoroughly - why do you need to protect this file, what's so important in it?
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Re: Protecting .php files from being modified

Post by alex.barylski »

Very little you can do...encoding isn't going to help.

Your best bet...if all you need is to protect one PHP file is to write it as an extension.

Alternatively if it's not code you are protecting but just ensuring the function never changes you could maybe store the function on a remote server you control and then implement a custom stream wrapper so when that file is included you download the remote file via FTP or HTTP (the latter preferably) and let PHP do it's thing.

Cheers,
Alex
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Protecting .php files from being modified

Post by Eran »

The last line about an update makes me think you are intending to use a source versioning scheme such as SVN to distribute the code. If that is the case, you can set up permissions through it any way you like and prevent commits to particular parts in the code.
This doesn't prevent people from modifying it for their own personal use though.
Post Reply