ID:               28812
 User updated by:  liquid at haveheart dot com
 Reported By:      liquid at haveheart dot com
-Status:           Feedback
+Status:           Open
 Bug Type:         *Directory/Filesystem functions
 Operating System: linux
 PHP Version:      4.3.6
 New Comment:

basically, it boils down to this.  the real id is the uid of the user who
actually ran the process.  the effective id is the uid that is assigned
to new files (any file that would be created), is used (as the owner
check) to check file access.  the real id is also used to compare
against the effective id and is the only match that is allowed to
kill(1) the process.

also, just for clarity, when getgroups(2) is used... it is undefined
(based on different unix variants) as to whether the effective gid is
returned.  following is an excerpt from man 2 getgroups on linux.

getgroups
Up to size supplementary group IDs are returned in list.  It is
unspecified whether the effective group ID of the calling process is
included in the returned list. (Thus, an application should also
call getegid(2) and add or remove the resulting value.)  If size
is zero, list is not modified, but the total number of supplementary
group IDs for the process is returned.

also, yes.. getegid/geteuid are posix and bsd 4.3 defined, so they are
implemented everywhere.  hope this helps.


Previous Comments:
------------------------------------------------------------------------

[2004-06-17 09:08:18] [EMAIL PROTECTED]

Why is this needed? And do you know for sure that all Unix-like
operating systems have this system call?

------------------------------------------------------------------------

[2004-06-17 01:44:46] liquid at haveheart dot com

Description:
------------
in a lot of the code, php does checks using getuid or 
getgid.  one should actually be checking with geteuid 
and getegid, especially in situations where you are 
looking at getgroups.

one might look at ext/standard/filestat.c for examples 
(FS_IS_W st_mode checks as an example). an example 
function that is potentially affected by this is 
is_writeable('filename') when combined with the User and 
Group directives in apache's httpd.conf file.



------------------------------------------------------------------------
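
The check the report asks for, as an added example (not code from the bug thread or from PHP's ext/standard/filestat.c): a mode-bit write test that uses geteuid/getegid and tests the effective gid separately from the getgroups list, as the man page excerpt advises. The function names are hypothetical, and ACLs and read-only mounts are ignored.

```c
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <stdlib.h>

/* Decide write access from mode bits using EFFECTIVE ids.
 * Hypothetical helper; ignores ACLs and read-only filesystems. */
int mode_allows_write(uid_t euid, gid_t egid, const gid_t *groups, int ngroups,
                      uid_t f_uid, gid_t f_gid, mode_t mode)
{
    if (euid == 0)
        return 1;                       /* root is not limited by mode bits */
    if (euid == f_uid)
        return (mode & S_IWUSR) != 0;   /* owner class only, no fall-through */
    /* getgroups(2) may or may not include the effective gid: test it itself */
    int in_group = (egid == f_gid);
    for (int i = 0; !in_group && i < ngroups; i++)
        in_group = (groups[i] == f_gid);
    if (in_group)
        return (mode & S_IWGRP) != 0;   /* group class only */
    return (mode & S_IWOTH) != 0;
}

/* Returns 1 if writable, 0 if not, -1 on error. */
int effective_can_write(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -1;
    int n = getgroups(0, NULL);         /* size 0: returns the count only */
    if (n < 0)
        return -1;
    gid_t *groups = malloc((n > 0 ? n : 1) * sizeof(gid_t));
    if (groups == NULL)
        return -1;
    n = getgroups(n, groups);
    int ok = -1;
    if (n >= 0)
        ok = mode_allows_write(geteuid(), getegid(), groups, n,
                               st.st_uid, st.st_gid, st.st_mode);
    free(groups);
    return ok;
}
```
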


-- 
Edit this bug report at http://bugs.php.net/?id=28812&edit=1