#30188 [Com]: open_basedir check is badly performed under some circumstances

Thu, 14 Oct 2004 02:51:33 -0700 

 ID:               30188
 Comment by:       evp at heise dot de
 Reported By:      lists+php at box dot cz
 Status:           Open
 Bug Type:         Filesystem function related
 Operating System: Linux (Gentoo, latest)
 PHP Version:      5.0.1
 New Comment:

> Maybe it would be better to perform open_basedir check just 
> on dirs
> instead of files (in various filesystem functions)?

No, because it's sometimes vital to have files in open_basedir to allow
acces to one specific file without the need to put it  into a directory
for its own.


Previous Comments:
------------------------------------------------------------------------

[2004-09-21 23:50:28] lists+php at box dot cz

Description:
------------
My setup:
document root is: "/home/wejn/x/docs/html/".

While "/home/wejn/x/docs/html/" is symlink to:
"/home/wejn/x/docs1/html/".

I have safe_mode enabled and open_basedir set to
"/home/wejn/x/docs/html:/home/wejn/x/docs1/html".

With this setup I'm unable to perform:

copy("/home/wejn/x/docs/html/x", "/home/wejn/x/docs/html/y");

when "y" doesn't exist. If I touch "y" prior running the
script, everything runs just fine.

IMO, there is problem with symlink resolving code somewhere under 
php_check_specific_open_basedir().

It seems to me that more precise location of the bug is somewhere in
virtual_file_ex() regarding the realpath() call.

Maybe it would be better to perform open_basedir check just on dirs
instead of files (in various filesystem functions)?

Btw, this problem exists also in 4.3.8, which makes me think that it's
there for a LONG time ... unnoticed.

W.

Reproduce code:
---------------
// when all conditions described above are met, this fails:
copy('/home/wejn/x/docs/html/x', '/home/wejn/x/docs/html/y');

Expected result:
----------------
no error.

Actual result:
--------------
Warning: copy() [function.copy]: open_basedir restriction in effect.
File(/home/wejn/x/docs/html/y) is not within the allowed path(s):
(/home/wejn/x/docs/html:/home/wejn/x/docs1/html) in
/home/wejn/x/docs1/html/index.html on line 2

Warning: copy(/home/wejn/x/docs/html/y) [function.copy]: failed to open
stream: Operation not permitted in /home/wejn/x/docs1/html/index.html on
line 2


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=30188&edit=1

Reply via email to