ID: 14923 Updated by: Jade Nicoletti <[EMAIL PROTECTED]> Old Reported By: [EMAIL PROTECTED] Reported By: Jade Nicoletti <[EMAIL PROTECTED]> Status: Open Bug Type: Filesystem function related Operating System: Linux 2.4.17, Debian unstable PHP Version: 4.1.0 New Comment:
The submitter of this bug is right. PHP must not (try to) calculate access rights. Only the operating system knows what really allows or denies access. There may be access control lists (ACLs), mandatory access control (MAC), capabilities and may be even other access determining factors in effect. Therefore PHP should really use access(2) for the is_*able() family. --Jade Previous Comments: ------------------------------------------------------------------------ [2002-01-07 22:05:30] [EMAIL PROTECTED] The is_writeable, is_readable and is_executable functions make the assumption that all permissions on POSIX systems will be limited to UID/GID masks applied to the current process UID and GID. The particular application where this is biting me is accessing files on an XFS filesystem. On top of the plain old file permissions, which by default give the webserver UID/GID access to a whole swag of files, several files are specifically excluded from the webserver UID/GID using POSIX ACL's such as: chuckles:/mnt/archive$ getfacl somefile # somefile: 002-asdf/ # owner: danpat # group: users user::rwx group::r-- other::r-- group:www-data:--- The user "www-data" under which the webserver runs is a member of both the "users" group and the "www-data" group. This ACL means that members of the "users" group who are no also members of the "www-data" group can read the file, but people who are in both groups may not. For this case, calculating the bitmasks is not enough to determine the correct result. I note that the PHP code uses the stat() function to obtain the file permissions and calculates the permissions itself. There is an alternative function in access(2) which can be used to obtain the readability, writeability and executability of a file in a way such as: #include <unistd.h> int is_writeable(const char *filename) { return access(filename, W_OK); } int is_readable(const char *filename) { return access(filename, R_OK); } int is_executable(const char *filename) { return access(filename, X_OK); } I believe something like this is probably more inline with what the is_readable, is_writeable and is_executable function are trying to achieve. Currently, they're returning the mask of the process UID/GID and the file mask, however, this isn't always 100% accurate (i.e. if running as the superuser, is_readable is almost always true, even if the file permissions say otherwise). ------------------------------------------------------------------------ Edit this bug report at http://bugs.php.net/?id=14923&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]