ID: 38670
Updated by: [EMAIL PROTECTED]
Reported By: serokka at hrn dot ru
-Status: Open
+Status: Wont fix
Bug Type: Apache2 related
Operating System: FreeBSD 4.10
PHP Version: 4.4.4
New Comment:
We are sorry, but we can not support PHP 4 related problems anymore.
Momentum is gathering for PHP 6, and we think supporting PHP 4 will
lead to a waste of resources which we want to put into getting PHP 6
ready.
Previous Comments:
------------------------------------------------------------------------
[2007-07-13 21:14:52] lars at erhardsen dot dk
I'm also experiencing this on Linux 2.4.27, Apache 2.0.59 and PHP
4.4.9.
Sometimes, files cannot be found, either resulting in strange
file-not-found errors in for instance WordPress or in the safe mode
restriction error.
I ran PHP 4.4.0 before, and experienced no problems at all.
------------------------------------------------------------------------
[2007-06-16 13:04:17] noc at smartterra dot de
Update on my first submission on this bug:
I can reproduce it now on FreeBSD 6.2, Apache 2.0.59 and PHP4.4.7. No
.htaccess oder any other defined .html-Handler. Loading test.HTML
produces this error:
[Sat Jun 16 15:01:17 2007] [error] [client <myclientip>] PHP Warning:
Unknown(): SAFE MODE Restriction in effect. The script whose uid/gid is
1002/1002 is not allowed to access /usr/local/www/test owned by uid/gid
80/80 in Unknown on line 0
------------------------------------------------------------------------
[2007-04-24 23:02:50] gbjbaanb at users dot sourceforge dot net
I have Apache 2.0.59 with php 4.4.6 just installed and my sites, that
worked fine with php_admin_value open_basedir /home/xxx/:/tmp/:xxx
inside the vhost configuration now fail.
This is on CentOS 4.4, x86_64.
Quite serious? PHP has a reputation for insecure code, this is not
good.
------------------------------------------------------------------------
[2007-04-03 16:10:16] marcel dot prisi at virtua dot ch
I got the exact same problem on a FreeBSD-5.5 / Apache-2.0.59 /
php-4.4.6 (all from ports)
Adding a trailing slash to session.save_path didn't help, I had to
comment it from the virtualhost config in order to have the error go
away.
Quite serious I think ...
------------------------------------------------------------------------
[2007-03-14 13:02:05] david dot guenault at gmail dot com
update my precedent post :
if you simply add a trailing slash to session.save_path this will
discard the problem.
here is why :
in safe_mode.c in the function php_checkuid_ex
when mode argument is CHECKUID_ALLOW_ONLY_DIR
at line 119
s = strrchr(filename, DEFAULT_SLASH);
returns a pointer to the last occurrence of the character / in the
string filename. if your path is like this /data1sys/phpsession the
pointer is on the second slash not at the end of the path. The uid/gid
check is made on the parent folder (/data1sys) not the real folder
(/data1sys/phpsession). So when /data1sys is owned by a user that is
different from the user running apache, the test fail.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/38670
--
Edit this bug report at http://bugs.php.net/?id=38670&edit=1
