ID: 7933 Updated by: sniper Reported By: [EMAIL PROTECTED] Old-Status: Open Status: Closed Bug Type: *Install and Config PHP Version: 4.0.3pl1 Assigned To: Comments: The header files get installed with the same user/group as the user installing them is. At least all files I have installed (latest CVS) have root.root as owners. --Jani Previous Comments: --------------------------------------------------------------------------- [2000-12-19 03:21:45] [EMAIL PROTECTED] Ok, I'm posting some more info, on request. The 'problem' seems to be that theese header files get installed without shtool setting sane ownerships. If you untar/compile it as root, you get whatever uid/gid ownership those files had inside the tarball. If you on the other hand untar/compile it as a 'normal' user, they will probably get that users ownership (untested). For the record, ownerships are 'wrong' after installation (make install), in $PREFIX/include/php Of course this is no problem for paranoid admins like me, who check things often, but for the average person installing PHP, this could be a issue. -- trippeh. --------------------------------------------------------------------------- [2000-12-18 11:32:12] [EMAIL PROTECTED] Setting the permissions and owner's of files is your duty and responsibility. --Jani --------------------------------------------------------------------------- [2000-11-22 16:27:22] [EMAIL PROTECTED] The installation from the source tarballs installs a lot of include files with a wrong owner.group flag. This can be potentially very dangerous, allowing a user with the same UID, and in some cases the same GID as the files, to modify header files in the PHP installation. This also goes for some files installed by apache's makefile's, but on less "dangerous" files. A separate bug-report will be issued in their direction later tonight. Here's a list of the files not owned by root. /usr/local/include/php/Zend/FlexLexer.h /usr/local/include/php/Zend/acconfig.h /usr/local/include/php/Zend/modules.h /usr/local/include/php/Zend/zend-parser.h /usr/local/include/php/Zend/zend-scanner.h /usr/local/include/php/Zend/zend.h /usr/local/include/php/Zend/zend_API.h /usr/local/include/php/Zend/zend_alloc.h /usr/local/include/php/Zend/zend_builtin_functions.h /usr/local/include/php/Zend/zend_compile.h /usr/local/include/php/Zend/zend_config.w32.h /usr/local/include/php/Zend/zend_constants.h /usr/local/include/php/Zend/zend_dynamic_array.h /usr/local/include/php/Zend/zend_errors.h /usr/local/include/php/Zend/zend_execute.h /usr/local/include/php/Zend/zend_execute_locks.h /usr/local/include/php/Zend/zend_extensions.h /usr/local/include/php/Zend/zend_fast_cache.h /usr/local/include/php/Zend/zend_globals.h /usr/local/include/php/Zend/zend_globals_macros.h /usr/local/include/php/Zend/zend_hash.h /usr/local/include/php/Zend/zend_highlight.h /usr/local/include/php/Zend/zend_indent.h /usr/local/include/php/Zend/zend_list.h /usr/local/include/php/Zend/zend_llist.h /usr/local/include/php/Zend/zend_operators.h /usr/local/include/php/Zend/zend_ptr_stack.h /usr/local/include/php/Zend/zend_stack.h /usr/local/include/php/Zend/zend_static_allocator.h /usr/local/include/php/Zend/zend_variables.h /usr/local/include/php/TSRM/TSRM.h /usr/local/include/php/TSRM/acconfig.h /usr/local/include/php/TSRM/readdir.h /usr/local/include/php/TSRM/tsrm_config.w32.h /usr/local/include/php/TSRM/tsrm_config_common.h /usr/local/include/php/TSRM/tsrm_strtok_r.h /usr/local/include/php/TSRM/tsrm_virtual_cwd.h /usr/local/include/php/ext/standard/base64.h /usr/local/include/php/ext/standard/basic_functions.h /usr/local/include/php/ext/standard/cyr_convert.h /usr/local/include/php/ext/standard/datetime.h /usr/local/include/php/ext/standard/dl.h /usr/local/include/php/ext/standard/dns.h /usr/local/include/php/ext/standard/exec.h /usr/local/include/php/ext/standard/file.h /usr/local/include/php/ext/standard/flock_compat.h /usr/local/include/php/ext/standard/fsock.h /usr/local/include/php/ext/standard/head.h /usr/local/include/php/ext/standard/html.h /usr/local/include/php/ext/standard/info.h /usr/local/include/php/ext/standard/md5.h /usr/local/include/php/ext/standard/microtime.h /usr/local/include/php/ext/standard/pack.h /usr/local/include/php/ext/standard/pageinfo.h /usr/local/include/php/ext/standard/php_array.h /usr/local/include/php/ext/standard/php_assert.h /usr/local/include/php/ext/standard/php_browscap.h /usr/local/include/php/ext/standard/php_crypt.h /usr/local/include/php/ext/standard/php_dir.h /usr/local/include/php/ext/standard/php_ext_syslog.h /usr/local/include/php/ext/standard/php_filestat.h /usr/local/include/php/ext/standard/php_image.h /usr/local/include/php/ext/standard/php_incomplete_class.h /usr/local/include/php/ext/standard/php_iptc.h /usr/local/include/php/ext/standard/php_lcg.h /usr/local/include/php/ext/standard/php_link.h /usr/local/include/php/ext/standard/php_mail.h /usr/local/include/php/ext/standard/php_math.h /usr/local/include/php/ext/standard/php_metaphone.h /usr/local/include/php/ext/standard/php_output.h /usr/local/include/php/ext/standard/php_parsedate.h /usr/local/include/php/ext/standard/php_rand.h /usr/local/include/php/ext/standard/php_standard.h /usr/local/include/php/ext/standard/php_string.h /usr/local/include/php/ext/standard/php_var.h /usr/local/include/php/ext/standard/quot_print.h /usr/local/include/php/ext/standard/reg.h /usr/local/include/php/ext/standard/scanf.h /usr/local/include/php/ext/standard/type.h /usr/local/include/php/ext/standard/uniqid.h /usr/local/include/php/ext/standard/url.h /usr/local/include/php/ext/standard/url_scanner.h /usr/local/include/php/ext/standard/php_smart_str.h /usr/local/include/php/ext/standard/url_scanner_ex.h /usr/local/include/php/ext/xml/expat/xmlparse/expat_hashtable.h /usr/local/include/php/ext/xml/expat/xmlparse/xmlparse.h /usr/local/include/php/ext/xml/expat/xmltok/asciitab.h /usr/local/include/php/ext/xml/expat/xmltok/iasciitab.h /usr/local/include/php/ext/xml/expat/xmltok/latin1tab.h /usr/local/include/php/ext/xml/expat/xmltok/nametab.h /usr/local/include/php/ext/xml/expat/xmltok/utf8tab.h /usr/local/include/php/ext/xml/expat/xmltok/xmldef.h /usr/local/include/php/ext/xml/expat/xmltok/xmlrole.h /usr/local/include/php/ext/xml/expat/xmltok/xmltok.h /usr/local/include/php/ext/xml/expat/xmltok/xmltok_impl.h /usr/local/include/php/ext/xml/php_xml.h /usr/local/include/php/main/SAPI.h /usr/local/include/php/main/config.w32.h /usr/local/include/php/main/configuration-parser.h /usr/local/include/php/main/fdfdata.h /usr/local/include/php/main/fopen-wrappers.h /usr/local/include/php/main/internal_functions_registry.h /usr/local/include/php/main/logos.h /usr/local/include/php/main/php.h /usr/local/include/php/main/php3_compat.h /usr/local/include/php/main/php_compat.h /usr/local/include/php/main/php_content_types.h /usr/local/include/php/main/php_globals.h /usr/local/include/php/main/php_ini.h /usr/local/include/php/main/php_main.h /usr/local/include/php/main/php_reentrancy.h /usr/local/include/php/main/php_regex.h /usr/local/include/php/main/php_syslog.h /usr/local/include/php/main/php_ticks.h /usr/local/include/php/main/php_variables.h /usr/local/include/php/main/php_version.h /usr/local/include/php/main/rfc1867.h /usr/local/include/php/main/safe_mode.h /usr/local/include/php/main/snprintf.h /usr/local/include/php/main/win95nt.h /usr/local/include/php/main/php_network.h /usr/local/include/php/main/php_open_temporary_file.h /usr/local/include/php/regex/cclass.h /usr/local/include/php/regex/cname.h /usr/local/include/php/regex/regex.h /usr/local/include/php/regex/regex2.h /usr/local/include/php/regex/regex_extra.h /usr/local/include/php/regex/utils.h /usr/local/include/php/acconfig.h --------------------------------------------------------------------------- ATTENTION! Do NOT reply to this email! To reply, use the web interface found at http://bugs.php.net/?id=7933&edit=2 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]