ID: 41822 User updated by: ian at onlineloop dot com Reported By: ian at onlineloop dot com Status: Assigned Bug Type: *Directory/Filesystem functions Operating System: Solaris 10 PHP Version: 5.2CVS-20070627 Assigned To: tony2001 New Comment:
>ab5602> Have you tried adding r-x to every subdir below and including the path? This is not an option here. First issue is user data security. All users have ftp access to the system, and as a reqult of cross cooperations, users need to be able to go through the users root directory (note that this is not the system root!), meaning if all directoriues were r-x, then users could easily see and access data that is not relevant to them (other access issues that are obvious here have been taken care of using system groups). Second issue is we have tens of thousands of directories like this, and changing the permissions to something else is simply not possible because the users all have individual requirements, and most have set their own permission schemes. Third issue is *this used to work!!!* >ab5602> Also, have a look at: #41899 "Can't open files with leading relative path of '..' and '..' is not readable." The bugs are related. I am following both of them as they are both relevant to us. >ab5602> ...but getcwd() still returned nothing even then. Getcwd() needs read permissions on the directory, however in a shell in a directory with such permissions, pwd still returns the correct directory even if nothing else can be read, and files with read permission can also still be read: [EMAIL PROTECTED]:/home/ian/testdir# ls -la total 10 drwx--x--x 3 root root 512 Oct 1 13:17 . drwxr-xr-x 6 ian staff 1536 Oct 1 12:56 .. -rw-r--r-- 1 root root 24 Oct 1 13:15 afile drwx--x--x 2 root root 512 Oct 1 13:17 testd2 [EMAIL PROTECTED]:/home/ian/testdir# cd testd2/ [EMAIL PROTECTED]:/home/ian/testdir/testd2# ls -la total 6 drwx--x--x 2 root root 512 Oct 1 13:17 . drwx--x--x 3 root root 512 Oct 1 13:17 .. -rw-r--r-- 1 root root 15 Oct 1 13:17 afile2 [EMAIL PROTECTED]:/home/ian/testdir/testd2# cd ../../ [EMAIL PROTECTED]:/home/ian# su - ian Sun Microsystems Inc. SunOS 5.10 Generic January 2005 [EMAIL PROTECTED]: cd testdir [EMAIL PROTECTED]: pwd /home/ian/testdir [EMAIL PROTECTED]: ls -la .: Permission denied total 2 [EMAIL PROTECTED]: cat afile Good bye cruel world!!! [EMAIL PROTECTED]: cd testd2 [EMAIL PROTECTED]: pwd /home/ian/testdir/testd2 [EMAIL PROTECTED]: cat afile2 Frodo lives!!! [EMAIL PROTECTED]: ls -la .: Permission denied total 2 [EMAIL PROTECTED]: logout [EMAIL PROTECTED]:/home/ian# To me, the problem is not something from Sun or Solaris. The problems are in the way PHP is handling access to the files and directories. This needs to be fixed so everything works correctly again. Previous Comments: ------------------------------------------------------------------------ [2007-09-30 23:46:14] ab5602 at wayne dot edu Ok, or, these may be the same problem caused by 2 different root issues. In your initial post, you mentioned "Directory permissions for the webserver process are access only (--x).". I just lifted the following out of PHP source for tsrm_virtual_cwd.c: /* cwd_length can be 0 when getcwd() fails. * This can happen under solaris when a dir does not have read permissions * but *does* have execute permissions */ Have you tried adding r-x to every subdir below and including the path? Previous versions of PHP including 5.0.5 worked for me with a relative include() parameter, but getcwd() still returned nothing even then. This did not really cause a problem until include() broke for me. I believe that PHP now rebuilds a fully qualified path based on getcwd() when it tries to open the file stream and when you are using relative includes. This may have changed since earlier versions. I think this issue is probably related somehow to broken Solaris functions that don't work if suid: Also, have a look at: #41899 "Can't open files with leading relative path of '..' and '..' is not readable." They all seem related somehow. ------------------------------------------------------------------------ [2007-09-30 22:05:05] ian at onlineloop dot com NFS has nothing to do with it, this bug is definately *not* at the OS level. We have all file systems mounted locally, and still have the problem. NFS may however cause other problems, particularly userid mapping, which are more difficult to solve and need to be solved at the OS level. All of this stuff worked just fine up until PHP 5.1.6, since PHP 5.2.0 it's broken, and there is apparently no activity to fix this bug. ------------------------------------------------------------------------ [2007-09-30 17:16:29] ab5602 at wayne dot edu I think I found the culprit that is bubbling up to PHP here. It effects users with: - At least Solaris 9 to early versions of 10 - NFS mounted directories - Any setuid application (including apache/php) >From my previous post, I showed how one server was able to getcwd() in PHP and other other wasn't. The root cause is this bug: http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6226092 I tested the code under Solaris 9 and was able to reproduce it at the OS level. The one machine where include("../file.php") works on was able to successfully execute the solaris bug test code in the NFS mounted directory: # pwd /usr/local/www/sites # ./solaris-nfs-getcwdtest CWD = /usr/local/www/sites # The machine where include("../file.php") gives the "permission denied " error fails the getcwd command in the directory: # pwd /usr/local/www/sites # ./solaris-nfs-getcwdtest getcwd failed!!! # I'm not sure if anything can be done with the PHP source here to solve this since the bug is at the OS level. Unless there is some other way to get the CWD for PHP in the above situation. ------------------------------------------------------------------------ [2007-09-30 14:51:00] ab5602 at wayne dot edu I am having this problem on *ONE* of two load-balanced servers that are setup exactly the same and that share an NFS mounted filesystem in Solaris 9. The permissions on all the subdirs, all the way from the root directory are at least 'r' and 'x' and are the same on both servers. Both machines are running the same PHP/Apache binary and are at the same OS patch level. The following code properly returns the path on one of the machines, but not the other: echo getcwd(); Could this have something to do with NFS? ------------------------------------------------------------------------ [2007-09-12 11:06:53] ian at onlineloop dot com Verified that this is still not working in 5.2.4, nor in the latest CVS version, php5.2-200709121030. We made a system available on a Sun E3500, partially for the purposes of fixing this bug. The last login from anyone from the PHP team was on 5 July 2007. Is there any time plan to fix this bug? We are running on Solaris 10 and are stuck on PHP 5.1.6 because of this problem, so the situation for us is critical. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/41822 -- Edit this bug report at http://bugs.php.net/?id=41822&edit=1
