#34957 [NEW]: PHP5 ignores any kind of ACL including FS ACL, AFS ACL or trustees (PHP4 works)
From: cunha17 at gmail dot com Operating system: debian sarge kernel 2.6 PHP version: 6CVS-2005-10-22 (CVS) PHP Bug Type: Filesystem function related Bug description: PHP5 ignores any kind of ACL including FS ACL, AFS ACL or trustees (PHP4 works) Description: This bug only exists at PHP5 branch. PHP4 works just fine. This patch which was provided by [EMAIL PROTECTED] fixes these bugs: - Bug #14923 is_readable, is_writable, is_executable fail on POSIX ACL based filesystems (this bug is ancient and is fixed in PHP4 branch, but not fixed on PHP5 branch - regression test problems ?) - Bug #30931 is_writable() and is_readable() return false when access is permit (this bug is marked as no feedback so that's why I opened this bug report) - This bug report itself Reproduce code: --- \n"; echo $file.' is '.(is_writable($file) ? '' : 'NOT ')."writable!\n"; ?> The POSIX ACL on test.php: $ getfacl test.php # file: test.php # owner: root # group: root user::rw- user:swishe:rwx group::--- mask::rwx other::--- Expected result: Logged in as user swishe and using PHP CLI: host:/var$ php test.php test.php is readable! test.php is writable! Actual result: -- Logged in as user swishe and using PHP CLI: host:/var$ php test.php test.php is NOT readable! test.php is NOT writable! Here is the patch provided by [EMAIL PROTECTED] at Bug #30931 which fixes this problem. I tested it over XFS and AFS. Index: ext/standard/filestat.c === RCS file: /repository/php-src/ext/standard/filestat.c,v retrieving revision 1.137 diff -u -r1.137 filestat.c --- ext/standard/filestat.c 23 Aug 2005 12:53:23 - 1.137 +++ ext/standard/filestat.c 22 Oct 2005 14:06:23 - @@ -543,6 +543,7 @@ #define IS_LINK_OPERATION(__t) ((__t) == FS_TYPE || (__t) == FS_IS_LINK || (__t) == FS_LSTAT) #define IS_EXISTS_CHECK(__t) ((__t) == FS_EXISTS || (__t) == FS_IS_W || (__t) == FS_IS_R || (__t) == FS_IS_X || (__t) == FS_IS_FILE || (__t) == FS_IS_DIR || (__t) == FS_IS_LINK) #define IS_ABLE_CHECK(__t) ((__t) == FS_IS_R || (__t) == FS_IS_W || (__t) == FS_IS_X) +#define IS_ACCESS_CHECK(__t) (IS_ABLE_CHECK(type) || (__t) == FS_EXISTS) /* {{{ php_stat */ @@ -552,6 +553,7 @@ *stat_size, *stat_atime, *stat_mtime, *stat_ctime, *stat_blksize, *stat_blocks; struct stat *stat_sb; php_stream_statbuf ssb; + char * local_path; int flags = 0, rmask=S_IROTH, wmask=S_IWOTH, xmask=S_IXOTH; /* access rights defaults to other */ char *stat_sb_names[13]={"dev", "ino", "mode", "nlink", "uid", "gid", "rdev", "size", "atime", "mtime", "ctime", "blksize", "blocks"}; @@ -559,7 +561,21 @@ if (!filename_length) { RETURN_FALSE; } - +#ifndef NETWARE + if (IS_ACCESS_CHECK(type) && + !php_stream_locate_url_wrapper(filename, &local_path, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC)) { + switch(type) { + case FS_EXISTS: + RETURN_BOOL(access(local_path, F_OK) == 0); + case FS_IS_W: + RETURN_BOOL(access(local_path, W_OK) == 0); + case FS_IS_X: + RETURN_BOOL(access(local_path, X_OK) == 0); + case FS_IS_R: + RETURN_BOOL(access(local_path, R_OK) == 0); + } + } +#endif if (IS_LINK_OPERATION(type)) { flags |= PHP_STREAM_URL_STAT_LINK; } -- Edit bug report at http://bugs.php.net/?id=34957&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=34957&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=34957&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=34957&r=trysnapshot51 Fixed in CVS:http://bugs.php.net/fix.php?id=34957&r=fixedcvs Fixed in release:http://bugs.php.net/fix.php?id=34957&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=34957&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=34957&r=needscript Try newer version: http://bugs.php.net/fix.php?id=34957&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=34957&r=support Expected behavior: http://bugs.php.net/fix.php?id=34957&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=34957&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=34957&r=submittedtwice register_globals:http://bugs.php.ne
#30931 [Com]: is_writable() and is_readable() return false when access is permitted via ACL
ID: 30931 Comment by: cunha17 at gmail dot com Reported By: bugzilla-php at bwurst dot org Status: No Feedback Bug Type: Filesystem function related Operating System: gentoo linux (kernel 2.6) PHP Version: 5.0.2 New Comment: PHP should not try to calculate permissions because only the Operating System can do it right. As someone pointed out, PHP is ignoring my POSIX ACL and Trustees too. Previous Comments: [2005-09-02 23:01:48] 1 at 234 dot cx I was just wondering if anyone can review the patch which has been posted here. This seems to be a well defined bug with a patch that solves the problem, is there any reason not to check it in? If there *is* a reason not to check the patch in, I am sure one of us will work on improving it. Before we can do this, though, we need a clue what issues people see with the patch as it stands. [2005-08-26 03:03:50] matthew at acintrix dot net I too am expierencing this bug on Fedora Core 4 with PHP 5.0.4. [2005-08-08 18:18:11] ka at pacific dot net Same bug found here in 5.04 on Fedora Core 4 with modphp Symptom: modphp cannot write to files even if they are `chmod 777`, if there is an acl for apache on the file. [2005-06-15 23:51:26] 1 at 234 dot cx I don't know if this is useful to anyone, but this seems to be a regression of bug #14923, which was fixed back in 2002. I have just experienced the bug on Fedora 4. I tried JR's patch, and that solves the problem for me. Thanks, Pete [2005-06-12 16:16:35] jr at terragate dot net I've written a patch to address this issue. It uses POSIX's access function to determine file permissions. I tested this patch on Mac OS 10.4.1, Windows XP SP2 and FreeBSD 5.2.1. I am not sure if this patch also works for Win 9x (maybe R_OK, W_OK etc. are not defined there) and other non POSIX conformant OSes. Probably some more #ifndefs are required. http://jr.terragate.net/access.diff The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/30931 -- Edit this bug report at http://bugs.php.net/?id=30931&edit=1
#28306 [Fbk->Csd]: PHP5-rc2 coredumps with Smarty-2.6.2, error handler and exceptions
ID: 28306 User updated by: cunha17 at gmail dot com -Reported By: cunha17 at uol dot com dot br +Reported By: cunha17 at gmail dot com -Status: Feedback +Status: Closed Bug Type: Reproducible crash Operating System: Redhat Linux 9/Fedora Core 1 PHP Version: 5CVS-2004-05-06 (dev) New Comment: This BUG is not present in current CVS anymore. Thanx. Previous Comments: [2005-01-15 00:21:36] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php5.0-win32-latest.zip [2004-05-19 15:25:53] cunha17 at uol dot com dot br Using the gdb's "next" command, I could get an useful backtrace: Program received signal SIGSEGV, Segmentation fault. 0x in ?? () (gdb) bt #0 0x in ?? () #1 0x0819c798 in execute (op_array=0x4076e378, tsrm_ls=0x8203200) at /usr/src/zend2/php-src/Zend/zend_execute.c:1391 #2 0x0819fd9b in zend_do_fcall_common_helper (execute_data=0xbfffd110, opline=0x4076e174, op_array=0x4076f0a0, tsrm_ls=0x8203200) at /usr/src/zend2/php-src/Zend/zend_execute.c:2728 #3 0x0819c798 in execute (op_array=0x4076f0a0, tsrm_ls=0x8203200) at /usr/src/zend2/php-src/Zend/zend_execute.c:1391 #4 0x0819fd9b in zend_do_fcall_common_helper (execute_data=0xbfffd340, opline=0x40505dfc, op_array=0x40505520, tsrm_ls=0x8203200) at /usr/src/zend2/php-src/Zend/zend_execute.c:2728 #5 0x0819c798 in execute (op_array=0x40505520, tsrm_ls=0x8203200) at /usr/src/zend2/php-src/Zend/zend_execute.c:1391 #6 0x081803ec in zend_execute_scripts (type=8, tsrm_ls=0x8203200, retval=0x0, file_count=3) at /usr/src/zend2/php-src/Zend/zend.c:1058 #7 0x0814a191 in php_execute_script (primary_file=0xb710, tsrm_ls=0x8203200) at /usr/src/zend2/php-src/main/main.c:1630 #8 0x081a7f8a in main (argc=2, argv=0xb794) at /usr/src/zend2/php-src/sapi/cli/php_cli.c:943 #9 0x403d0a67 in __libc_start_main () from /lib/i686/libc.so.6 [2004-05-07 23:40:04] cunha17 at uol dot com dot br I can't generate the backtrace. My php(cli) is already compiled with --enable-debug and I recompiled it with only these options: ./configure --enable-debug --enable-cli When running: # gdb /usr/local/bin/php core.8971 I get: GNU gdb Red Hat Linux (5.3.90-0.20030710.41rh) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1". Core was generated by `/usr/local/bin/php exception_bug.php'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt.so.1...done. Loaded symbols for /lib/libcrypt.so.1 Reading symbols from /lib/libresolv.so.2...done. Loaded symbols for /lib/libresolv.so.2 Reading symbols from /lib/tls/libm.so.6...done. Loaded symbols for /lib/tls/libm.so.6 Reading symbols from /lib/libdl.so.2...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/libnsl.so.1...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /usr/lib/libz.so.1...done. Loaded symbols for /usr/lib/libz.so.1 Reading symbols from /usr/lib/libxml2.so.2...done. Loaded symbols for /usr/lib/libxml2.so.2 Reading symbols from /lib/tls/libpthread.so.0...done. Loaded symbols for /lib/tls/libpthread.so.0 Reading symbols from /lib/tls/libc.so.6...done. Loaded symbols for /lib/tls/libc.so.6 Reading symbols from /lib/ld-linux.so.2...done. Loaded symbols for /lib/ld-linux.so.2 0x in ?? () The backtrace command returns: (gdb) bt #0 0x in ?? () I don't know what else I can do. Any hints ? Cristiano Duarte [2004-05-06 20:00:34] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better. [2004-05-06 19:58:05] cunha17 at uol dot com dot br The debug_backtrace() just before the segmentation fault: Array ( [0] => Array ( [file] => /ho