ID: 21310 Comment by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Open Bug Type: *Directory/Filesystem functions Operating System: Solaris 8 PHP Version: 4.3.0 New Comment:
I also think it is a bugg. On ours servers all directories have only eXecute access to other. Give read access to other on all level is realy a problem. Cordialy. Previous Comments: ------------------------------------------------------------------------ [2003-01-06 12:02:18] [EMAIL PROTECTED] yes, same thing for me. if HTTP server has permission to read all directories in path to the file, all users can read directories of other user and it's really not secure ... ------------------------------------------------------------------------ [2003-01-05 16:59:45] [EMAIL PROTECTED] In my humble opinion it is a bug, because: 1. Previous version of PHP (4.0) could read file without full path, even if PHP couldnt read "." or higher directory. 2. PHP reads several directories (why?) when includes each file without full path. 2. There is no technical reason to give PHP access to read all directories from "/" to directories with PHP scripts. ------------------------------------------------------------------------ [2003-01-05 16:41:43] [EMAIL PROTECTED] Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://www.php.net/manual/ and the instructions on how to report a bug at http://bugs.php.net/how-to-report.php ------------------------------------------------------------------------ [2003-01-05 16:37:36] [EMAIL PROTECTED] Module PHP can't find files (eg. includes them) if HTTP server hasn't permission to read all directories in path to the file. ------------------------------------------------------------------------ [2002-12-31 05:10:31] [EMAIL PROTECTED] After upgrading to 4.3.0 version some PHP scripts stop working. I have checked, that the reason is problem with opening and including files. FIRST EXAMPLE: I had to change variable: $blocked_list["kom.pl"] = "blockkom.txt"; ---> $blocked_list["kom.pl"] = "<full-path>blockkom.txt"; SECOND EXAMPLE: ----------------------------------------------------------- Warning: main(main/linie.php) [function.main]: failed to create stream: No such file or directory in /www/klient34/start/dolacz.php on line 5 Warning: main() [function.main]: Failed opening 'main/linie.php' for inclusion (include_path=''.:..:/usr/local/lib/php'') in /www/klient34/start/dolacz.php on line 5 ------------------------------------------------------------ ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=21310&edit=1
