#25411 [Com]: Change SAFE MODE behavior for new dirs or files

Thu, 30 Oct 2003 13:24:19 -0800 

 ID:               25411
 Comment by:       roman at compic dot ee
 Reported By:      4u at direct-netware dot de
 Status:           Open
 Bug Type:         Feature/Change Request
 Operating System: Linux in general
 PHP Version:      Irrelevant
 New Comment:

it'sno a bug. it's a safe_mode 1
The only chance is:
1) set correct open_base_dir
2) disable system, popen,exec, and so on (exec_functions)
3) turn safe_mode 0

dir can be created, anyway. assume chmod 777 on it top dir.
also chmod _not_ working in SAFE_MODE.

Also, your can run this script as CGI. UID will be same as you, not
nobody. so you can make folders and files ;)


Previous Comments:
------------------------------------------------------------------------

[2003-09-07 06:49:42] 4u at direct-netware dot de

Description:
------------
Every time a script wants to create a directory and a file in it, it
fails because of SAFE MODE restrictions (uid). Please note, that this
is only true, if uid control is active.

Reproduce code:
---------------
<?php
mkdir ("mydir",0777);
$fp = fopen ("mydir/myfile.php","w");
fclose ($fp);
?>

Expected result:
----------------
a) Directory does not exist
Directory will be created using the UID of the script and afterwards
create the file.

b) Directory does exist
A warning (or notice? or whatever it is) will be printed out because
the directory already exists and afterwards the file will still be
created. Expecting the right UID (same as the script) has created the
directory.

I want to request, that files and directories are always have the UID
of the script (and the UID of the "uploader") rather than the UID of
the server which causes many providers to disturb normal PHP file
actions.

Actual result:
--------------
a) Directory does not exist
Directory will be created using the server UID and afterwards there
will be an error while creating the file (SAFE MODE ...).

b) Directory does exist
A warning (or notice? or whatever it is) will be printed out because
the directory already exists and afterwards the file will not be
created because the script is not allowed to write in the directory
(SAFE MODE ... UID ...).


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=25411&edit=1

Reply via email to