ID: 40425 Comment by: bugs at nazarenko dot net Reported By: priappub at yahoo dot fr Status: No Feedback Bug Type: Safe Mode/open_basedir Operating System: Solaris 10 PHP Version: 5.2.1 New Comment:
I can confirm a very similar bug on Solaris 10 SPARC Update 3 with the latest php5.2-200707231430 snapshot. Here is the testing script /tmp/test.php: <?php echo "safe = " . (ini_get('safe_mode') ? "On" : "Off") . "\n"; echo "uid = " . getmyuid() . "\n"; echo "gid = " . getmygid() . "\n"; echo file_get_contents('/etc/passwd'); ?> I have performed these commands in PHP source directory (as root): cd /tmp/php5.2-200707231430 ./configure --disable-all --disable-cgi --enable-safe-mode make I login with a user account (uid:gid 2010:605) cd /tmp/php5.2-200707231430/sapi/cli ./php test.php The output is the following: safe = On uid = 0 gid = 1004 ........ and then the contents of the '/etc/passwd' file. Actually it does not matter which user is executing this script. It always returns uid:gid as 0:1004 (even for a root user). It also does not matter whether 'Safe Mode' is On or Off. This makes 'Safe Mode' practically useless on the machine, as all the scripts run with root's uid. At first I thought that the gid 1004 is coming out of the blue, because I do not have any groups with such id. Then I saw that the files in PHP source tarball as well as the compiled binary in 'sapi/cli' directory have uig:gid 1004:1004. So it would be logical to assume that all of that is somehow related. I tried to change the uid:gid of the compiled binary but it did not change the behaviour. I guess something goes wrong during the compilation phase. I cannot provide access to this machine at the moment, but I could arrange it if really was required. Otherwise I am happy to do any other additional testing that could be useful. Previous Comments: ------------------------------------------------------------------------ [2007-03-21 01:00:00] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ [2007-03-13 20:42:40] [EMAIL PROTECTED] Sure, but they can't be in the same directory in the same time. ------------------------------------------------------------------------ [2007-03-13 20:35:27] priappub at yahoo dot fr The 2 versions are not working at the same time. ------------------------------------------------------------------------ [2007-03-12 09:42:31] [EMAIL PROTECTED] Two different apaches in one server root? How did you manage to do that? ------------------------------------------------------------------------ [2007-03-10 20:32:45] priappub at yahoo dot fr The self-compiled apache: [EMAIL PROTECTED] bin]# ./httpd -V Server version: Apache/2.0.59 Server built: Feb 22 2007 00:29:21 Server's Module Magic Number: 20020903:12 Server loaded: APR 0.9.12, APR-UTIL 0.9.12 Compiled using: APR 0.9.12, APR-UTIL 0.9.12 Architecture: 32-bit Server compiled with.... -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_FCNTL_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D HTTPD_ROOT="/usr/apache2" -D SUEXEC_BIN="/usr/apache2/bin/suexec" -D DEFAULT_PIDLOG="/var/logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="/var/logs/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types" -D SERVER_CONFIG_FILE="/etc/apache2/httpd.conf" ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/40425 -- Edit this bug report at http://bugs.php.net/?id=40425&edit=1