ID: 39073
User updated by: jim at centerfuse dot net
Reported By: jim at centerfuse dot net
Status: Open
Bug Type: Safe Mode/open_basedir
Operating System: FreeBSD 4.11
PHP Version: 5.1.6
New Comment:
get_cfg_var() and ini_get() both return the correct
safe_mode_include_dir, but it seems to just be ignored. Just for good
measure, I also tried using a different directory altogether, but got
the same results.
Previous Comments:
------------------------------------------------------------------------
[2006-10-07 08:10:57] jim at centerfuse dot net
note, the trailing parentheses that appears in my reproduce code after
the safe_mode_include_dir is *not* present in php.ini, it was a typo.
------------------------------------------------------------------------
[2006-10-07 08:09:58] jim at centerfuse dot net
Description:
------------
Just upgraded to php 5.1.6, and safe_mode_include_dir doesn't appear to
be honored. I'm running with safe mode = On and one directory in the
include_dir. Trying to include/fopen/etc any file from that directory
results in a safemode UID restriction. phpinfo() shows that PHP is
reading the correct configuration file and that it knows about
safe_mode_include_dir.
Reproduce code:
---------------
//in php.ini: safe_mode_include_dir = "/usr/local/share/FUSE")
$fp = fopen('/usr/local/share/FUSE/FUSE-main.php', 'r')
Expected result:
----------------
fopen should return file pointer
Actual result:
--------------
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The
script whose uid is 1006 is not allowed to access
/usr/local/share/FUSE/FUSE-main.php owned by uid 0 in
/home/context/public_html/test.php on line 13
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=39073&edit=1
