Edit report at https://bugs.php.net/bug.php?id=51949&edit=1
ID: 51949
Comment by: jo at feuersee dot de
Reported by: lars dot plessmann at gmx dot de
Summary: open_basedir and move_uploaded_file does not
harmonize!
Status: Open
Type: Bug
Package: Filesystem function related
Operating System: Linux h1638833 2.6.18-028stab064
PHP Version: 5.3.2
Block user comment: N
Private report: N
New Comment:
See http://open.silverstripe.org/ticket/5547
I'd say it's an application level bug (in this case silverstripe), not a PHP
bug.
Both move_uploaded_file and is_uploaded_file expect the 1st param to be the
unmodified temp filename inside upload_dir, but siverstripe copies the
uploaded file and then uses these function, thus they always fail.
A patch is avail
Previous Comments:
------------------------------------------------------------------------
[2010-05-30 19:28:07] lars dot plessmann at gmx dot de
Description:
------------
I have several vhosts and I'd like to use the open_basedir setting for them.
My PHP config is something like that:
Directive | Local Value | Master Value
[...]
safe_mode | Off | Off
safe_mode_exec_dir | /usr/local/php/bin | /usr/local/php/bin
safe_mode_gid | Off | Off
safe_mode_include_dir | no value | no value
upload_tmp_dir | /tmp | /tmp
open_basedir | /srv/www/vhosts/domain.tld/httpdocs;/tmp | no value
[...]
When I upload files, they do get in /tmp directory and have the privilege:
-rw-r--r-- 1 wwwrun www 647585 30. Mai 15:43 demo.jpg
The move_uploaded_file function with using absolute directories and correct
paths (I proofed this) returns always false on my PHP 5.3.1 and PHP 5.3.2
compilation!
The target directory has full rwx privileges for all user/group/others and
there is not a filesystem privilege problem!
The php log files are not very verbose, in fact, it tells me nothing about the
failed movement (also tried with report_error = E_ALL).
If I use rename instead of move_uploaded_file, PHP seems to move the file.
Test script:
---------------
// assumes the upload is successfully done (I can see the file in
// in the filesystem with the privileges: -rw-r--r-- 1 wwwrun www).
[...]
if(move_uploaded_file("/tmp/silverstripe-cache-srv-www-vhosts-domain.tld-httpdocs-silverstripe-v2.4.0/demo.jpg",
"/srv/www/vhosts/domain.tld/httpdocs/silverstripe-4.2.0/assets/Upload/demo.jpg"))
{
return true;
} else {
return false;
}
[...]
Expected result:
----------------
I expect that the file can be moved with the move_uploaded_file from /tmp to
the /srv/www/vhosts/domain.tld/httpdocs/silverstripe-4.2.0/assets/Upload by PHP
(apache user wwwrun) which created the file in the directory /tmp as well (just
a few seconds before). It should take care of the open_basedir setting.
The target directory and also the source directory is specified in the
open_basedir setting.
Actual result:
--------------
If I overwrite the open_basedir setting for the virtual host to "none", the
upload and move_uploaded_file works fine:
Directive | Local Value | Master Value
open_basedir | no value | no value
But it's not a pretty solution for me just to turn off this security feature!
When I google I only find thousends of other people having problems with
open_basedir. :-(
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=51949&edit=1
