ID: 31618
Updated by: [EMAIL PROTECTED]
Reported By: kibab at icehouse dot net
-Status: Open
+Status: Feedback
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5CVS-2005-03-14
New Comment:
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
Previous Comments:
------------------------------------------------------------------------
[2005-05-19 06:14:33] kibab at icehouse dot net
>From memory, all files were mode 664 and all directories
had permissions of 775 being owned by root:root. However,
I no longer have that same structure to prove that. If
you like, I can setup an almost identical test case using
the code that I included below (but using my new
structure).
------------------------------------------------------------------------
[2005-05-17 17:18:48] [EMAIL PROTECTED]
What are the permissions of all the directories in that path?
(/var/lib/php_packages/)
------------------------------------------------------------------------
[2005-01-20 22:32:24] kibab at icehouse dot net
Maybe this isn't directly related, but
fopen($myfilename,"r") also fails, even though
include($myfilename) works. Again, $myfilename is in the
safe_mode_include_dir, so fopen should be able to open it.
------------------------------------------------------------------------
[2005-01-19 23:05:35] kibab at icehouse dot net
Description:
------------
is_readable($myfilename) in the repro code returns true if
the script calling it is owned by root, but false if it is
owned by someone else.
Permissions are:
-rw-r--r-- 1 root root 5452 Jan 13
13:02 /var/lib/php_packages/test_templ2.php
drwxr-xr-x 4 root root 4096 Jan 19
08:19 /var/lib/php_packages
drwxr-xr-x 27 root root 4096 Jan 12
09:27 /var/lib
drwxr-xr-x 24 root root 4096 Sep 22
13:06 /var
drwxr-xr-x 20 root root 4096 Oct 29 09:48 /
Relevant Settings:
include_path =
".:/var/lib/php_packages:/var/lib/php_packages/pear"
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php_packages
Reproduce code:
---------------
#### test.php ###
$myfilename = '/var/lib/php_packages/test_templ2.php';
if (is_readable($myfilename)) {
echo "is_readable: $myfilename (true)<br>";
} else {
echo "is_readable: $myfilename (false)<br>";
}
include($myfilename);
### test_templ2.php ###
TESTING!
Expected result:
----------------
I would expect is_readable() to return true in both
instances. The uid/gid check shouldn't matter despite
safe mode, as the file is in safe_mode_include_dir, and
even if it wasn't, the is_readable documentation says that
it does NOT take into account safe_mode restrictions.
Actual result:
--------------
// When test.php has the following ownership:
$ ls -l test.php
-rw-rw-r-- 1 root root 278 Jan 19 13:16
test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (true)
TESTING!
// When test.php has the following permissions:
$ ls -l test.php
-rw-rw-r-- 1 dschlegel79 undergradadmiss 278 Jan
19 13:16 test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (false)
TESTING!
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=31618&edit=1
