xref: /PHP-7.4/ext/phar/tests/security.phpt (revision 26dfce7f) 
1--TEST--
2Phar: test to ensure phar.readonly cannot be circumvented
3--SKIPIF--
4<?php if (!extension_loaded("phar")) die("skip");?>
5--INI--
6phar.readonly=0
7--FILE--
8<?php
9$fname = __DIR__ . '/' . basename(__FILE__, '.php') . '.phar.php';
10$fname2 = __DIR__ . '/' . basename(__FILE__, '.php') . '.1.php';
11$a = new Phar($fname);
12$a->setStub('<?php
13Phar::mapPhar();
14$phar = new Phar(__FILE__);
15var_dump($phar->isWritable());
16try {
17$phar["b"] = "should not work!";
18} catch (Exception $e) {
19echo $e->getMessage(),"\n";
20}
21__HALT_COMPILER();
22?>');
23$a['hi'] = 'hi';
24unset($a);
25copy($fname, $fname2);
26Phar::unlinkArchive($fname);
27ini_set('phar.readonly', 1);
28include $fname2;
29?>
30===DONE===
31--CLEAN--
32<?php unlink(__DIR__ . '/' . basename(__FILE__, '.clean.php') . '.1.php'); ?>
33--EXPECT--
34bool(false)
35Write operations disabled by the php.ini setting phar.readonly
36===DONE===
37