ID: 31618 User updated by: kibab at icehouse dot net Reported By: kibab at icehouse dot net -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: redhat enterprise PHP Version: 5CVS-2005-03-14 New Comment:
Ok. It says (see http://www.ewu.edu/web/tools/bug31618_3.php): Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid/gid is 687/694 is not allowed to access /usr/share/pear/commonfile.php owned by uid/gid 0/0 in /var/www/sites/web/tools/bug31618_3.php on line 3 Warning: fopen(/usr/share/pear/commonfile.php) [function.fopen]: failed to open stream: Resource temporarily unavailable in /var/www/sites/web/tools/bug31618_3.php on line 3 Previous Comments: ------------------------------------------------------------------------ [2005-08-10 20:44:05] [EMAIL PROTECTED] Of course, I meant this: <?php $myfilename = '/usr/share/pear/commonfile.php'; fopen($myfilename, 'r'); ?> ------------------------------------------------------------------------ [2005-08-10 20:36:39] [EMAIL PROTECTED] Could you plz also try this: <?php fopen($myfilename, 'r'); ?> And post the error message here. Thanks. ------------------------------------------------------------------------ [2005-08-10 20:24:48] kibab at icehouse dot net Ok, here's a new "complete" example for you. First, we need to do some setup as this is based on permissions, ownership, and safe mode: cd <some directory in safe_mode_include_dir> # note, I used cd /usr/share/pear echo "TESTING" > commonfile.php chmod a+r commonfile.php Then: $ ls -l commonfile* -rw-rw-r-- 1 root root 8 Aug 10 10:54 commonfile.php And, permissions on the source PHP file in use: $ ls -l bug31618.php -rw-rw-r-- 1 kpederson financialaid 576 Aug 10 10:50 bug31618.php I used the following relevant settings: $ grep -iE "safe|include" /etc/php.ini | grep -v "^;" safe_mode = On safe_mode_gid = On safe_mode_include_dir = /usr/share/pear safe_mode_exec_dir = "/usr/local/php_exe/bin" safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH include_path = ".:/usr/share/pear/:/usr/share/pear/ewu_lib:/var/lib/php_secure" sql.safe_mode = Off Now, grab my PHP script from the following URL: http://www.ewu.edu/web/tools/bug31618.php.txt It's output looks like the following (as can be seen from http://www.ewu.edu/web/tools/bug31618.php): is_readable: /usr/share/pear/commonfile.php (false) TESTING Now, if I change the ownership to root:root (as I did for bug31618_2.php, eg. as seen by http://www.ewu.edu/web/tools/bug31618_2.php): is_readable: /usr/share/pear/commonfile.php (true) TESTING Thus, the results are based on ownership of the calling php script, not the file attempting to be read, despite being in safe_mode_include_dir. ------------------------------------------------------------------------ [2005-08-08 19:56:08] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with <?php and ends with ?>, is max. 10-20 lines long and does not require any external resources such as databases, etc. If possible, make the script source available online and provide an URL to it here. Try to avoid embedding huge scripts into the report. ------------------------------------------------------------------------ [2005-05-19 06:14:33] kibab at icehouse dot net >From memory, all files were mode 664 and all directories had permissions of 775 being owned by root:root. However, I no longer have that same structure to prove that. If you like, I can setup an almost identical test case using the code that I included below (but using my new structure). ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31618 -- Edit this bug report at http://bugs.php.net/?id=31618&edit=1