ID: 30784
Updated by: [EMAIL PROTECTED]
Reported By: max at warped dot org
-Status: Open
+Status: Bogus
Bug Type: Filesystem function related
Operating System: Linux - Redhat ES3
PHP Version: 4.3.9
New Comment:
You have to use PHP-CGI if you want your scripts to work under suexec.
Previous Comments:
------------------------------------------------------------------------
[2004-11-14 20:13:04] max at warped dot org
Description:
------------
is_writable() only returns one for files that are writable by the
apache user, not by the current UID.
Apache is running as user/group nobody, but is setup with virtual
hosts.
Each virtual host uses its own user/group. The current UID as returned
by getmyuid() verifies that my PHP scripts are running as "me" and not
as "nobody".
test_file is permission 0644.
If I chmod test_file to user "me" is_writable() returns nothing.
If I chmod test_file to user "nobody" is_writable() returns 1.
PHP needs to check the current uid an use that to verify if something
is writable, or it needs to defer to the operating system.
I imagine this is mod_php specific.
Reproduce code:
---------------
httpd.conf :
User nobody
Group nobody
<VirtualHost ...>
User me
Group me
</VirtualHost>
$ touch test_file
$ chmod 0644 test_file
$ chown nobody test_file
<? print getmyuid() ?>
<? print is_writable('test_file') ?>
514
1
$ chown me test_file
<? print getmyuid() ?>
<? print is_writable('test_file') ?>
514
(nothing)
Expected result:
----------------
I expect is_writable() to return 1 if PHP fully has permission to write
the file.
As a result, I have to chmod sensitive data to 0666 on a shared server,
which is bad.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=30784&edit=1
