ID:               33723
 User updated by:  ezmlm at mail dot ru
 Reported By:      ezmlm at mail dot ru
-Status:           Feedback
+Status:           Open
 Bug Type:         Apache related
 Operating System: Linux
 PHP Version:      5CVS-2005-07-18
 New Comment:

It doesn't make any difference. php_admin_value may be in a VirtualHost
block or in global scope. It is reset by php_value in .htaccess in both
cases. That was just a simple example to reproduce the bug.
safe_mode is also only an example. You can reset any options marked as
PHP_INI_SYSTEM (which shouldn't be settable with php_value at all) like
safe_mode or open_basedir or any other, disabling any security
limitations defined in VirtualHost.


Previous Comments:
------------------------------------------------------------------------

[2005-07-19 10:46:39] [EMAIL PROTECTED]

Isn't the php_admin_value inside any <VirtualHost> block??


------------------------------------------------------------------------

[2005-07-19 08:41:21] ezmlm at mail dot ru

This problem does not exist in the php5 module for Apache2. It only exists
in the php5 module for Apache1 because those are completely different
modules.
Using php_admin_value safe_mode 1 didn't change anything.

Again, the steps to reproduce the problem.
Apache 1.3.33 is configured with ./configure --enable-module=so
and installed with make && make install

php is configured with ./configure --with-apxs=/usr/local/apache/bin/apxs
then installed with make && make install

In httpd.conf added:
AddType application/x-httpd-php .php .phtml
php_admin_value safe_mode on
In <Directory "/usr/local/apache/htdocs"> section set
AllowOverride Options to allow php_flag and php_value in .htaccess

In /usr/local/apache/htdocs created info.phtml:
<?php
    system('cat /etc/passwd');
    phpinfo();
?>

The result is that safe_mode is ON and content of /etc/passwd IS NOT
displayed.

Now create .htaccess in /usr/local/apache/htdocs:
php_flag safe_mode off

The result is that phpinfo() shows safe_mode is OFF and content of
/etc/passwd IS displayed.

------------------------------------------------------------------------

[2005-07-19 00:45:21] [EMAIL PROTECTED]

Try changing that php_admin_value line in httpd.conf to this:

php_admin_value safe_mode 1


------------------------------------------------------------------------

[2005-07-19 00:43:19] [EMAIL PROTECTED]

I can't reproduce this override problem when using Apache2.


------------------------------------------------------------------------

[2005-07-19 00:37:23] [EMAIL PROTECTED]

Solved. I had wrong permissions and owners set on the path and script I
used. safe-mode works as expected.



------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/33723

-- 
Edit this bug report at http://bugs.php.net/?id=33723&edit=1
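
An audit check for the condition discussed in this report, added here as an example (it is not part of the original report or of PHP): it scans .htaccess files for php_value/php_flag lines naming settings the reporter identifies as PHP_INI_SYSTEM. The function names, the SYSTEM_ONLY set and the sample input are assumptions made for illustration.

```python
import os
import re

# Settings the report names as PHP_INI_SYSTEM (assumed list; extend for your build).
SYSTEM_ONLY = {"safe_mode", "open_basedir"}

# php_value / php_flag are the per-directory directives usable from .htaccess.
# Apache directive names are case-insensitive, hence re.IGNORECASE.
DIRECTIVE = re.compile(r"^\s*(php_value|php_flag)\s+(\S+)\s*(.*?)\s*$", re.IGNORECASE)


def find_overrides(text, system_only=SYSTEM_ONLY):
    """Return (line_no, directive, setting, value) for each system-level override."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):  # skip commented-out directives
            continue
        m = DIRECTIVE.match(line)
        if not m:
            continue
        # Setting names are compared lower-cased to err on the side of reporting.
        directive, setting = m.group(1).lower(), m.group(2).lower()
        if setting in system_only:
            hits.append((line_no, directive, setting, m.group(3).strip('"')))
    return hits


def scan_tree(root, system_only=SYSTEM_ONLY):
    """Walk a document root and report overrides found in every .htaccess file."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if ".htaccess" in files:
            path = os.path.join(dirpath, ".htaccess")
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits = find_overrides(fh.read(), system_only)
            if hits:
                report[path] = hits
    return report


# Constructed sample .htaccess, modelled on the reproduction step in the report.
SAMPLE = """\
# constructed sample
php_flag safe_mode off
PHP_Value open_basedir "/"
php_value memory_limit 64M
#php_flag safe_mode off
"""

if __name__ == "__main__":
    for hit in find_overrides(SAMPLE):
        print("line %d: %s %s %s" % hit)
```

On an affected Apache 1.3 build, any hit from scan_tree() under a directory with AllowOverride Options marks a place where the httpd.conf restriction is not being enforced.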
