ID: 14076 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Open Bug Type: *Directory/Filesystem functions Operating System: Linux PHP Version: 4.0.6 New Comment:
This bug still exists in PHP 4.1.2. A similiar problem also affects safe_mode_include_dir (path-statements containing symlinks do not work: "The script whose uid is 1234 is not allowed to access /my/safe_mode_include_path/with/symlink/mail.php owned by uid 0"). Could someone *please* fix this ? Hajo Previous Comments: ------------------------------------------------------------------------ [2002-01-17 14:59:12] [EMAIL PROTECTED] I've verified that this problem still exists in PHP 4.1.1. Hajo Noerenberg ------------------------------------------------------------------------ [2002-01-16 13:42:52] [EMAIL PROTECTED] As a workaround you can use relative paths in all of your fopen()-calls: fopen("./test.html") always works (I think php prepends the *expanded path* then -- see the last paragraph in my previous comment). Hajo ------------------------------------------------------------------------ [2002-01-16 13:21:11] [EMAIL PROTECTED] This problem has nothing to do with wrong file/directory modes. I'm quite sure that it is a bug in the PHP-realpath-code. Please consider the following setup layout: /var/www/ = symlink to /mnt/sda1/www /var/www/domain.com = apache document_root = php open_basedir /var/www/domain.com/test.html = test file for fopen() I've added some debug code to fopen_wrappers.c : php_error(E_NOTICE, "check_specific_open_basedir ( comparing resolved name %s to resolved_basedir %s )", resolved_name, resolved_basedir); if (strncmp(resolved_basedir, resolved_name, strlen(resolved_basedir)) == 0) { Trying to fopen("/var/www/domain.com/test.html") results in two cases: 1. /var/www/domain.com/test.html already exists PHP Warning: check_specific_open_basedir ( comparing resolved name /mnt/sda1/www/domain.com/test.html to resolved_basedir /mnt/sda1/www/domain.com/test.html ) -> fopen() succeeds 2. /var/www/domain.com/test.html does *not* exist PHP Warning: check_specific_open_basedir ( comparing resolved name /var/www/domain.com/test.html to resolved_basedir /mnt/sda1/www/domain.com/test.html ) -> fopen() fails with "open basedir restriction in effect"-error As you can see in the debug output, PHP does not correctly expand the file path if the file does not exists ! Trying to fopen("/mnt/sda1/www/domain.com/test.html") always succeeds because PHP does not need to expand the filename anymore (-> strncmp is always true ). Hajo (Linux 2.2 - PHP 4.0.6 - afaik the problem still exists in 4.1.X) ------------------------------------------------------------------------ [2001-11-19 13:50:10] [EMAIL PROTECTED] Well, the fact that it can create a *new directory* in the same directory, already means that the apache process has sufficient permissions to also create a file in it. However, these are the permissions: webedit@penguin:/var/www/tmp/submit$ ls -lad ./ drwxrwx--- 18 webedit www 4096 Nov 15 19:13 ./ Apache runs as user `www', and the scripts are owned by user `webedit'. Note that the directory is owned by the same user as the script, and writeable to Apache, so the requirements of safe mode are met. Thank you for your response. -- Arcady Genkin ------------------------------------------------------------------------ [2001-11-19 12:37:01] [EMAIL PROTECTED] Post please the mod of your directory and tell me the user and group of your apache. Maybe the apache dont have rights to create a new file in your directory but he owns the newfile and can remove/edit this file. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/14076 -- Edit this bug report at http://bugs.php.net/?id=14076&edit=1