ID:               32851
 Comment by:       aarong at thinkcomputer dot com
 Reported By:      stegelmann at rz dot rwth-aachen dot de
 Status:           Open
 Bug Type:         Safe Mode/open_basedir
 Operating System: SunOS 5.8
 PHP Version:      5.0.4, 4.3.11
 New Comment:

I'm often getting open_basedir errors where I shouldn't, when writing
to a path where the file already exists:

Warning: fopen(): open_basedir restriction in effect.
File(/home/sites/www.thinkcomputer.com/web/index.html) is not within
the allowed path(s):
(/home/sites/www.thinkcomputer.com/web:/home/think/lampshade:/home/think/whiteboard:/home/think/mail:/home/think/phpmyadmin:/tmp)
in /home/think/whiteboard/shared/shared.inc.php on line 565

In this case, the warning is simply wrong:
/home/sites/www.thinkcomputer.com/web/index.html *is* within the
allowed path /home/sites/www.thinkcomputer.com/web. Furthermore,
/home/sites/www.thinkcomputer.com is a symlink to /home/sites/site1,
but putting /home/sites/site1 in the open_basedir allowed path listing
doesn't change anything except the literal text of the error. Adding
trailing slashes also doesn't help. Maybe I'm missing something here,
but this seems like a bug... I'm running 4.3.11 on Apache 1.3.33.


Previous Comments:
------------------------------------------------------------------------

[2005-04-28 00:06:15] stegelmann at rz dot rwth-aachen dot de

I've read the documentation. At the risk of repeating myself:

If the symlink was resolved - I would expect at least one of the given
open_basedirs to match (as both possibilities are specified - resolved
and unresolved).

If this is not the intended way it should work, why is there a
difference between creating a new and opening an existing file (as
opening an existing file in the symlinked directory works, while
creating a new file fails)?

------------------------------------------------------------------------

[2005-04-27 23:28:23] [EMAIL PROTECTED]

This is expected behaviour and it's documented in the docs:
"When a script tries to open a file with, for example, fopen() or
gzopen(), the location of the file is checked. When the file is outside
the specified directory-tree, PHP will refuse to open it. All symbolic
links are resolved, so it's not possible to avoid this restriction with
a symlink."
http://www.php.net/manual/en/features.safe-mode.php
Pay attention to the last sentence.

------------------------------------------------------------------------

[2005-04-27 14:45:30] stegelmann at rz dot rwth-aachen dot de

To perhaps clarify - after the file was created with your code:

$f = fopen("/export2/home/websites/it/test", "w");

the previously unsuccessful attempt:

$f = fopen("/export/home/websites/it/test", "w");

does work (as I mentioned in the initial report).
So just the file's creation fails in combination with the symlink.

------------------------------------------------------------------------

[2005-04-27 14:29:51] stegelmann at rz dot rwth-aachen dot de

$f = fopen("/export2/home/websites/it/test", "w");

does work.

------------------------------------------------------------------------

[2005-04-27 12:59:39] [EMAIL PROTECTED]

Does this work:

$f = fopen("/export2/home/websites/it/test", "w");

ie. writing to the actual directory..?


------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/32851

-- 
Edit this bug report at http://bugs.php.net/?id=32851&edit=1
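
Added example (not part of the bug report and not PHP's internal check): a command-line diagnostic that resolves symlinks in both the target path and every open_basedir entry and prints which entry, if any, contains the target. It falls back to resolving the parent directory when the target file does not exist yet, the case the thread is about. The function names and script name are hypothetical, and it assumes a CLI run where open_basedir itself is not in effect.

```php
<?php
// Added diagnostic: models a symlink-resolving containment check.
// It does not reproduce PHP's internal open_basedir implementation.

// Resolve symlinks in $path. realpath() returns false for a file that does
// not exist yet, so fall back to resolving the parent directory.
function resolve_target(string $path)
{
    $real = realpath($path);
    if ($real !== false) {
        return $real;
    }
    $parent = realpath(dirname($path));
    return $parent === false ? false : rtrim($parent, '/') . '/' . basename($path);
}

// True when $real equals $base or lies below it, compared on a directory
// boundary so that /home/web2 is not treated as inside /home/web.
function is_within(string $real, string $base): bool
{
    $base = rtrim($base, '/');
    return $real === $base || strncmp($real, $base . '/', strlen($base) + 1) === 0;
}

// Print the resolved form of the target and of each allowed directory.
function explain(string $target, string $basedirs): bool
{
    $real = resolve_target($target);
    printf("target   %s\nresolved %s\n", $target, $real === false ? '(unresolvable)' : $real);
    $ok = false;
    foreach (explode(PATH_SEPARATOR, $basedirs) as $entry) {
        if ($entry === '') {
            continue;
        }
        $realEntry = realpath($entry);
        $match = $real !== false && $realEntry !== false && is_within($real, $realEntry);
        printf("  %-45s -> %-45s %s\n", $entry,
            $realEntry === false ? '(missing)' : $realEntry, $match ? 'MATCH' : '-');
        $ok = $ok || $match;
    }
    return $ok;
}

// Usage: php check_basedir.php /path/to/file "/dir1:/dir2"
if (PHP_SAPI === 'cli' && $argc === 3) {
    exit(explain($argv[1], $argv[2]) ? 0 : 1);
}
```

Running it once against an existing file and once against a not-yet-created file in the same symlinked directory shows whether both resolve to the same real location.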