BTW: Here is the bug that I am referring to:

http://bugs.php.net/bug.php?id=41822

& correction: getcwd() is not an stdio function ;)

Rob Thompson wrote:
> Hi everyone, I just subscribed to this list in hopes of working out some
> PHP bugs that have to do with Solaris.
> 
> I've been trying to find out some reason why the getcwd() PHP function
> fails under some situations under Solaris.  Particularly, when some
> component of the file path looks like: d--x--x--x (no read perms).  This
> appears to be a security feature that Solaris implements that is not
> there in Linux.  Here is what I found out:
> 
> If you are not root AND you want to get your current working directory
> that has parents without 'r' permissions, you must do one of
> two things:
> 
>     a) Execute a getcwd() program that is suid-root.
> 
>        OR: And this is the strange one...
> 
>     b) Tell Solaris that you already know where you are!!
> 
> You can accomplish (b) by doing a 'cd /mydir/mysubdir/' where mydir has
> the permissions (d--x--x--x).  Without changing directories with a
> fully-qualified path, getcwd() will return NULL.
> 
> Here are my questions for the list:
> 
>    1) Is there any way for a running non-root instance of PHP under
> Apache or another web server to "know where it is" in the directory tree
> already, in hopes of implementing (b) above?
> 
>    2) I'm assuming that the current functionality of PHP include()
> requires stdio's getcwd() in order to function with relative paths.  Is
> this really the case?
> 
>    3) If #1 is possible and #2 is the case, would it be reasonable to
> implement a fix for this with doing a chdir(), followed by a getcwd() if
> your architecture is Solaris?
> 
> I could try and attempt a fix, but my knowledge of the PHP source is
> sorely lacking at this time.  I'm working on bettering it!
> 
> Thanks!
> -Rob
> 

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
