ID: 28812
Updated by: [EMAIL PROTECTED]
Reported By: liquid at haveheart dot com
-Status: Open
+Status: Feedback
Bug Type: *Directory/Filesystem functions
Operating System: linux
PHP Version: 4.3.6
New Comment:
WHy is this needed? And do you know for sure that all Unix-like
operating systems have this systemcall?
Previous Comments:
------------------------------------------------------------------------
[2004-06-17 01:44:46] liquid at haveheart dot com
Description:
------------
in a lot of the code, php does checks using getuid or
getgid. one should actually be checking with geteuid
and getegid, especially in situations where you are
looking at getgroups.
one might look at ext/standard/filestat.c for examples
(FS_IS_W st_mode checks as an example). an example
function that is potentially affected by this is
is_writeable('filename') when combined with the User and
Group directives in apache's httpd.conf file.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=28812&edit=1
