https://bugzilla.wikimedia.org/show_bug.cgi?id=24898
Summary: MediaWiki uses /tmp even if a vHost-specific tempdir
is set
Product: MediaWiki
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: Normal
Component: History/Diffs
AssignedTo: [email protected]
ReportedBy: [email protected]
My apache config contains for every virtual host a line like this:
SetEnv TMP /home/www/example.com/tmp/
to have tempfiles in a directory specific to each virtual host.
Unfortunately MediaWiki ignores $TMP and always uses /tmp. AFAIK this behaviour
was introduced in 1.16 - I did not notice it in 1.15.
The bug is in includes/GlobalFunctions.php:
function wfTempDir() {
if( function_exists( 'sys_get_temp_dir' ) ) {
return sys_get_temp_dir();
}
foreach( array( 'TMPDIR', 'TMP', 'TEMP' ) as $var ) {
$tmp = getenv( $var );
if( $tmp && file_exists( $tmp ) && is_dir( $tmp ) && is_writable( $tmp
) ) {
return $tmp;
}
}
# Hope this is Unix of some kind!
return '/tmp';
}
Basically the function does the checks in the wrong order. On PHP >= 5.2.1
sys_get_temp_dir() exists and will always return /tmp - it ignores $TMP, see
the comments on http://php.net/sys_get_temp_dir
The correct order would be:
1. $TMPDIR, $TMP, $TEMP
2. sys_get_temp_dir()
3. /tmp fallback
Patch: (3 lines moved)
--- includes/GlobalFunctions.php (Revision 71214)
+++ includes/GlobalFunctions.php (Arbeitskopie)
@@ -2137,15 +2137,15 @@
* @return String
*/
function wfTempDir() {
- if( function_exists( 'sys_get_temp_dir' ) ) {
- return sys_get_temp_dir();
- }
foreach( array( 'TMPDIR', 'TMP', 'TEMP' ) as $var ) {
$tmp = getenv( $var );
if( $tmp && file_exists( $tmp ) && is_dir( $tmp ) &&
is_writable( $tmp ) ) {
return $tmp;
}
}
+ if( function_exists( 'sys_get_temp_dir' ) ) {
+ return sys_get_temp_dir();
+ }
# Hope this is Unix of some kind!
return '/tmp';
}
Rating as major because it causes some "interesting" problems - open_basedir
restrictions or in my case AppArmor restrictions might apply.
Sidenote: The code trusts sys_get_temp_dir() blindly - it does not check if it
exists, is a directory and is writeable. Maybe you should add a check for this,
similar to the code used for $TMPDIR/$TMP/$TEMP. (This is NOT included in the
above patch.)
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
