Edit report at http://bugs.php.net/bug.php?id=31323&edit=1
ID: 31323 Comment by: yanusdnd at inbox dot ru Reported by: julien dot mathieu at gmail dot com Summary: session file permissions differ randomly Status: No Feedback Type: Bug Package: Session related Operating System: Linux PHP Version: 5.1.2, 4.3.9 New Comment: Yes. i've got the same problem. rebooting was help for first 2 or 3 request and again r-- --- ---. You can see that at <a href="http://aquafaq.ru";>aquafaq.ru</a>. First time - OK but all others FAIL: Warning: session_start() [function.session- start]: open(/var/lib/php5/sess_d81882c054eff34d32ae1b247bb64f84, O_RDWR) failed: Permission denied (13) in Previous Comments: ------------------------------------------------------------------------ [2009-09-08 17:56:34] maciejsliwa at op dot pl I have the same problem with O_RDWR, it happend in 20% of usage. It strange, because on the same configuration, but only on diffrent computer it works fine. Computer on which i have problems Notebook HP 6153ea dualcore 1,66Ghz Windows XP Media Center Edition PHP 5.3.0 server Apache Server was instaled by EasyPHP 2.0 the second computer which configuration is identical is AMD Athlon 1Ghz Windows XP Profesional PHP 5.3.0 server Apache and on this its works fine [Tue Sep 08 19:44:37 2009] [error] [client 127.0.0.1] PHP Warning: session_start() [<a href='function.session-start'>function.session-start</a>]: open(C:\\DOCUME~1\\Maciek\\LOCALS~1\\Temp\\\\sess_jcje64e16gqqtpktra8jndo990, O_RDWR) failed: Permission denied (13) in C:\\Program Files\\EasyPHP3_1\\www\\Magazyn\\magazynMain.php on line 3, referer: http://127.0.0.1/Magazyn/magazyn.php ------------------------------------------------------------------------ [2009-03-31 14:47:16] prikid at gmail dot com We are experiencing similar problem with php 5.2.6 on freebsd and red hat linux ------------------------------------------------------------------------ [2008-08-12 16:21:03] linus dot norton at assertis dot co dot uk I have also encountered this twice on redhat running apache 2.2.6 and php 5.2.6. Why has this been closed, no feedback was requested then the ticket is just closed saying no feedback has been given. ------------------------------------------------------------------------ [2006-11-09 14:44:35] mg at iceni dot pl I can confirm this bug happening on php 4.4.2 build as apache 2 (with prefork) module. It's extremaly difficult to reproduce, but with little research it seems to be somehow umask related. The following is from strace running on a apache process that creates the files with wrong permissions open("/tmp/sess_5b2929b94cf141335d0b2d1e5a38fc29", O_RDWR|O_CREAT, 0600) = 186 fstat64(186, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0 So php creates file with 600 permissions but it has only 400 in final. Note that's happening very rarely, normally file is created with 600. I didn't have luck tracing how and when umask is changing during request processing (probably something is changing it prior to the request, so possibly it's not even php related), but I tried to make the following very dirty workaround in ext/session/mod_files.c: ------------------------------------------------ @@ -138,6 +138,7 @@ static void ps_files_open(ps_files *data, const char *key TSRMLS_DC) { char buf[MAXPATHLEN]; + mode_t orig_mask; if (data->fd < 0 || !data->lastkey || strcmp(key, data->lastkey)) { if (data->lastkey) { @@ -156,8 +157,10 @@ data->lastkey = estrdup(key); + orig_mask = umask(0); data->fd = VCWD_OPEN_MODE(buf, O_CREAT | O_RDWR | O_BINARY, 0600); - + umask(orig_mask); + ------------------------------------------------ No matter how ugly it is - it seems to do the job and session files with wrong permissions are no longer created (this workaround is probably bad idea on threaded severs though). ------------------------------------------------------------------------ [2006-11-05 00:16:32] bclaydon at volved dot com To provide further details, I am also using Debian (Sarge) with the latest 4.3.10-16 PHP4 package. My /var/liv/php4 looks exactly as 'pieter at q-go dot com' mentioned: drwx-wx-wt 2 root root 4.0K 2006-11-04 18:58 ./ drwxr-xr-x 35 root root 4.0K 2006-09-08 19:11 ../ -rw------- 1 www-data www-data 77 2006-11-04 18:58 sess_7b8da94a2febce75775d9082cd20d58d -rw------- 1 www-data www-data 116 2006-11-04 19:05 sess_856401c969cc1d4e68b6ffd75457c743 -rw------- 1 www-data www-data 116 2006-11-04 18:58 sess_b5419618a3586b7e3b940a0eaf137fb9 -rw------- 1 www-data www-data 116 2006-11-04 19:09 sess_f7d957b726ff923b4b1f6178f8db489f I am seeing this issue fairly frequently during usage of CakePHP framework which has fairly detailed usage of session functions. I hope this is resolved at some point, especially if it is still open as of 5.2.0 ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=31323 -- Edit this bug report at http://bugs.php.net/bug.php?id=31323&edit=1
