ID: 32501 Updated by: [EMAIL PROTECTED] Reported By: Bjorn dot Wiberg at its dot uu dot se -Status: Open +Status: Feedback Bug Type: Directory function related Operating System: IBM AIX 5.2.0.0 ML5 PHP Version: 5CVS-2005-03-31 New Comment:
If you manually change HAVE_BROKEN_GETCWD in php_config.h to #define HAVE_BROKEN_GETCWD 1 after configure and do 'make clean && make', does it really work then..? Previous Comments: ------------------------------------------------------------------------ [2005-04-04 14:22:17] Bjorn dot Wiberg at its dot uu dot se An excerpt from my Apache 2 httpd.conf, with all information pertaining to PHP and the "safe mode protected" directory of mine: php_admin_flag allow_call_time_pass_reference off php_admin_flag allow_url_fopen off php_admin_flag always_populate_raw_post_data off php_admin_value arg_separator.input "&" php_admin_value arg_separator.output "&" php_admin_flag asp_tags off php_admin_value auto_append_file none php_admin_value auto_prepend_file none php_admin_flag child_terminate off php_admin_value default_charset none php_admin_value default_mimetype "text/html" php_admin_value default_socket_timeout 60 php_admin_flag define_syslog_variables off php_admin_flag display_startup_errors off php_admin_value docref_ext none php_admin_value docref_root none php_admin_value error_append_string none php_admin_value error_log none php_admin_value error_prepend_string none php_admin_value error_reporting 2039 php_admin_flag html_errors off php_admin_flag ignore_repeated_errors off php_admin_flag ignore_repeated_source off php_admin_flag ignore_user_abort off php_admin_flag implicit_flush off php_admin_value ldap.max_links -1 php_admin_flag log_errors on php_admin_value log_errors_max_len 1024 php_admin_flag magic_quotes_gpc on php_admin_flag magic_quotes_runtime off php_admin_flag mime_magic.debug on php_admin_value mysql.connect_timeout 60 php_admin_value mysql.default_host none php_admin_value mysql.default_password none php_admin_value mysql.default_port none php_admin_value mysql.default_socket none php_admin_value mysql.default_user none php_admin_value mysqli.default_host none php_admin_value mysqli.default_port none php_admin_value mysqli.default_pw none php_admin_value mysqli.default_socket none php_admin_value mysqli.default_user none php_admin_value output_buffering 4096 php_admin_value output_handler none php_admin_value precision 14 php_admin_flag register_argc_argv on php_admin_flag register_globals off php_admin_flag register_long_arrays on php_admin_flag report_memleaks on php_admin_flag report_zend_debug on php_admin_flag session.bug_compat_42 off php_admin_flag session.bug_compat_warn on php_admin_value session.entropy_file none php_admin_value session.entropy_length 0 php_admin_value session.gc_divisor 100 php_admin_value session.gc_maxlifetime 1440 php_admin_value session.gc_probability 1 php_admin_value session.save_handler files php_admin_value session.save_path "/tmp" php_admin_value session.serialize_handler php php_admin_flag session.use_trans_sid 0 php_admin_flag short_open_tag off php_admin_flag track_errors off php_admin_value unserialize_callback_func none php_admin_value variables_order "EGPCS" php_admin_flag xbithack off php_admin_flag y2k_compliance on php_admin_flag engine on php_admin_value include_path ".:/apache/php/lib/php" php_admin_value mail.force_extra_parameters "-t -f [EMAIL PROTECTED]" php_admin_value max_execution_time 60 php_admin_value max_input_time 60 php_admin_value memory_limit 64M php_admin_value post_max_size 63M php_admin_value sendmail_from [EMAIL PROTECTED] php_admin_value sendmail_path "/usr/local/bin/smwrap" php_admin_value SMTP notforunix php_admin_value smtp_port none php_admin_value upload_max_filesize 62M php_flag display_errors on php_admin_value doc_root "/onlyforsafemode" php_admin_value open_basedir none php_admin_value safe_mode_exec_dir none php_value bcmath.scale 0 php_value serialize_precision 100 php_flag session.auto_start off php_value session.cache_expire 180 php_value session.cache_limiter "nocache" php_value session.cookie_domain none php_value session.cookie_lifetime 0 php_value session.cookie_path "/" php_value session.hash_function 0 php_value session.name "PHPSESSID" php_value session.referer_check none php_flag session.use_cookies on php_flag tidy.clean_output off php_value date.default_latitude "59.52" php_value date.default_longitude "17.38" php_value date.sunrise_zenith "90.0" php_value date.sunset_zenith "90.0" php_value session.hash_bits_per_character 5 php_value url_rewriter.tags "a=href,area=href,frame=src,input=src,form=fakeentry" php_flag zend.ze1_compatibility_mode off php_admin_value browscap "/apache/etc/php_browscap.ini" php_admin_flag enable_dl off php_admin_value extension_dir "/apache/php/lib/php/extensions/debug-non-zts-20041030:/apache/php/lib/php/PEAR" php_admin_flag file_uploads on php_admin_value mime_magic.magicfile "/apache/etc/magic" php_admin_flag mysql.allow_persistent off php_admin_value mysql.max_links -1 php_admin_value mysql.max_persistent -1 php_admin_flag mysql.trace_mode off php_admin_value mysqli.max_links -1 php_admin_flag mysqli.reconnect off php_admin_flag safe_mode off php_admin_value safe_mode_allowed_env_vars "PHP_" php_admin_flag safe_mode_gid off php_admin_value safe_mode_include_dir none php_admin_value safe_mode_protected_env_vars "LD_LIBRARY_PATH" php_admin_flag sockets.use_system_read on php_admin_flag sql.safe_mode off php_admin_value upload_tmp_dir none php_admin_value user_dir none PHPIniDir "etc" LoadModule php5_module modules/libphp5.so AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml AddType application/x-httpd-php-source .phps <Directory /apache/htdocs/bwiberg/test/safemode> php_admin_value doc_root "/apache/php/lib/php:/apache/htdocs/bwiberg" php_admin_value open_basedir ".:/apache/php/lib/php/:/apache/htdocs/bwiberg/" php_admin_flag safe_mode on php_admin_value safe_mode_exec_dir "/usr/local/bin" php_admin_flag safe_mode_gid on php_admin_value safe_mode_include_dir "/apache/php/lib/php/" </Directory> ------------------------------------------------------------------------ [2005-04-04 13:48:49] [EMAIL PROTECTED] I can't reproduce it on AIX 5.3 & 5.1. Please, make sure that you're editing the right php.ini and provide more info about it. ------------------------------------------------------------------------ [2005-04-01 16:34:06] Bjorn dot Wiberg at its dot uu dot se Tried php5-200503310630 (5.1.0-dev), but the problem is still present: Warning: fopen(): open_basedir restriction in effect. File(a.txt) is not within the allowed path(s): (.:/apache/php/lib/php/:/apache/htdocs/bwiberg/) in /apache/htdocs/bwiberg/test/safemode/testopen.php on line 3 Warning: fopen(a.txt): failed to open stream: Not owner in /apache/htdocs/bwiberg/test/safemode/testopen.php on line 3 (It appears that acinclude.m4 hasn't changed at all in this regard, so this was probably expected?) Best regards, Björn ------------------------------------------------------------------------ [2005-03-30 17:19:05] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip ------------------------------------------------------------------------ [2005-03-30 14:11:41] Bjorn dot Wiberg at its dot uu dot se Description: ------------ As noted in other bug reports (PHP bug #24185), and the documentation (http://www.php.net/manual/en/function.getcwd.php), getcwd() may fail if some directory along a path doesn't have list (r) permissions, but only access (x) permissions. In acinclude.m4, the check for broken getcwd() checks the OS string to determine whether HAVE_BROKEN_GETCWD should be set or not. Currently, this check only detects (and sets HAVE_BROKEN_GETCWD) if the OS is "SunOS". This should probably be changed to include "AIX", too: [EMAIL PROTECTED]:/# uname -sr AIX 2 ...as the problem seems to be present on AIX. Reproduce code: --------------- <?php $handle = fopen("./a.txt", "w", false); if ( $handle ) { fputs($handle, "testtext"); fclose($handle); } ?> Expected result: ---------------- No error message, file gets created. Actual result: -------------- Because fopen() + open_basedir seems to rely on getcwd() to check the path to the file, we get the following error: Warning: fopen(): open_basedir restriction in effect. File(./a.txt) is not within the allowed path(s): (.:/apache/php/lib/php/:/apache/htdocs/bwiberg/) in /apache/htdocs/bwiberg/test/safemode/write.php on line 3 Warning: fopen(./a.txt): failed to open stream: Not owner in /apache/htdocs/bwiberg/test/safemode/write.php on line 3 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=32501&edit=1
