ID: 44391 User updated by: david at dfoerster dot de Reported By: david at dfoerster dot de Status: Wont fix Bug Type: Safe Mode/open_basedir Operating System: Linux PHP Version: 5.2.5 New Comment:
The problem also occurs, when the open_basedir path is no symlink but the real path. Why should the creation of files be treated differently from the creation of directories? mkdir works fine and symlinks get resolved. Fixing this bug has no security implication whatsoever but only improves usability. Previous Comments: ------------------------------------------------------------------------ [2008-03-10 16:22:47] [EMAIL PROTECTED] This is expected behaviour. If open_basedir was allowed to follow symlinks, the protection would be easy to circumvent. The solution is to configure the real basedir, not the symlinked one. You expect "The file gets created as it's location is within open_basedir", but this is not true. The real location of the file is where the symlink points to. ------------------------------------------------------------------------ [2008-03-10 16:08:28] [EMAIL PROTECTED] Please, Keep the summary. ------------------------------------------------------------------------ [2008-03-10 12:50:17] david at dfoerster dot de I'm aware, that this bug has been reported before (30188) and is mentioned in the documentation. However, documenting the bug doesn't help. I suggest fixing this bug by treating the creation of files the same as the creation of directories which works fine. ------------------------------------------------------------------------ [2008-03-10 12:39:12] david at dfoerster dot de Description: ------------ When trying to create a new file within a symlinked document root, open_basedir raises an error allthough the access should be granted. The error message is obviously wrong: open_basedir restriction in effect. File(/somepath/somefile) is not within the allowed path(s): (/somepath) (Because the file _is_ in the allowed path.) Reproduce code: --------------- Create a directory and a symlink to it (both on the same level). Setup an Apache host with the document root and open_basedir set to the symlink. Create a PHP script within the symlink-directory trying to touch a file in the symlinked directory using the absolute path. Expected result: ---------------- The file gets created as it's location is within open_basedir Actual result: -------------- An error message stating that the file /somesymlinkedpath/file is not within the allowed path /somesymlinkedpath. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=44391&edit=1
