Bug #17466: Safe mode uid -1 bug

Mon, 27 May 2002 17:27:57 -0700 

From:             [EMAIL PROTECTED]
Operating system: Linux 2.4.7-10
PHP version:      4.2.1
PHP Bug Type:     Filesystem function related
Bug description:  Safe mode uid -1 bug

When safe mode is on php is unable to determine the uid of the running
script, it reports it as -1.  As you might imagine, this completely breaks
the utility of safe mode with respect to file access.  Also, the same bug
occurs when using safe_mode_gid (it reports the gid as -1 as well).  Note
that it does get the appropriate uid/gid for the file that is attempted to
be accessed.

I am running Apache 2.0.36 and the newest version of PHP (4.2.1).


I did some poking around and I think I found out what's going on.  In
ext/standard/pageinfo.c, php_statpage() tries to determine and stat the
running script file like so:

--------------------------------------------
       pstat = sapi_get_stat(TSRMLS_C);
   
        if (BG(page_uid)==-1 || BG(page_gid)==-1) {
                if(pstat) {
                        BG(page_uid)   = pstat->st_uid;
                        BG(page_gid)   = pstat->st_gid;
                        BG(page_inode) = pstat->st_ino;
                        BG(page_mtime) = pstat->st_mtime;
                }
        }
--------------------------------------------

pstat is not properly set by sapi_get_stat() (from main/SAPI.c) so the
page_uid et al values are not changed, and retain their defaults (-1).


I looked around a bit to see if I could make a workaround by stating the
script file without using sapi_get_stat but I couldn't figure out what
variable contained the script filename.
-- 
Edit bug report at http://bugs.php.net/?id=17466&edit=1
-- 
Fixed in CVS:        http://bugs.php.net/fix.php?id=17466&r=fixedcvs
Fixed in release:    http://bugs.php.net/fix.php?id=17466&r=alreadyfixed
Need backtrace:      http://bugs.php.net/fix.php?id=17466&r=needtrace
Try newer version:   http://bugs.php.net/fix.php?id=17466&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=17466&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=17466&r=notwrong
Not enough info:     http://bugs.php.net/fix.php?id=17466&r=notenoughinfo
Submitted twice:     http://bugs.php.net/fix.php?id=17466&r=submittedtwice
register_globals:    http://bugs.php.net/fix.php?id=17466&r=globals

Reply via email to