ID: 16927
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
-Status: Open
+Status: Analyzed
Bug Type: ZZiplib Related
Operating System: Linux 2.4.18
PHP Version: 4.2.0
New Comment:
Confirmed, this function has no signs of honoring safe_mode.
Previous Comments:
------------------------------------------------------------------------
[2002-04-30 08:48:09] [EMAIL PROTECTED]
Hello,
With the following value:
'/sites/cavalex.com/html:/usr/local/tool/php4/lib/php'
for the open_basedir variable, all these commands
work without error (or warning):
$zip = zip_open("/sites/cavalex.com/html/test.zip");
$zip = zip_open("/tmp/test.zip");
$zip = zip_open("/sites/other.net/html/test2.zip");
I was waiting for an open_basedir restriction for
the two last. Probably a lack of test for this
open command.
--- config ----
safe_mode On
open_basedir
/sites/cavalex.com/html:/usr/local/tool/php4/lib/php
--- compil ---
zziplib-0.11.15.tar.gz
apache-2.3.24
php-4.2.0
'./configure' '--prefix=/usr/local/tool/php4'
'--with-apxs=/usr/local/tool/apache/bin/apxs'
'--with-mysql=/usr/local/tool/mysql' '--with-pgsql=/usr' '--with-zlib'
'--with-bz2' '--with-zip=/usr/local/tool/zziplib' '--with-dom=/usr/lib'
'--with-gd=/usr/local' '--with-ttf'
'--with-freetype-dir=/usr/local/tool/freetype'
'--with-t1lib=/usr/local/tool/t1lib'
'--with-pdflib=/usr/local/tool/pdflib' '--with-bcmath'
'--with-tiff-dir=/usr/lib' '--with-png-dir=/usr/lib'
'--with-jpeg-dir=/usr/lib' '--with-xpm-dir=/usr/X11R6' '--with-iconv'
'--disable-debug' '--enable-xslt'
'--with-xslt-sablot=/usr/local/tool/Sablot'
'--with-expat-dir=/usr/local/tool/expat' '--enable-safe-mode'
'--enable-memory-limit' '--enable-ftp' '--enable-calendar'
'--enable-trans-sid=yes' '--enable-sysvshm=yes' '--enable-sysvsem=yes'
'--enable-debug=no' '--enable-force-cgi-redirect=yes'
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=16927&edit=1
