#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618 User updated by: kibab at icehouse dot net Reported By: kibab at icehouse dot net -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: redhat enterprise PHP Version: 5CVS-2005-03-14 New Comment: I can't get to it, I just keep getting a 404 error? Previous Comments: [2005-08-12 01:00:10] [EMAIL PROTECTED] Please try this patch: http://tony2001.phpclub.net/dev/tmp/bugs_29840_31618.diff (with the latest snapshot/CVS). [2005-08-11 15:57:11] kibab at icehouse dot net Yes. I read docs, although I sometimes misunderstand them: Note in my previous post: safe_mode_include_dir = /usr/share/pear Also note that per the documentation (http://www.php.net/manual/en/features.safe-mode.php): safe_mode_include_dir string UID/GID checks are bypassed when including files from this directory and its subdirectories (directory must also be in include_path or full path must including). Certainly $myfilename = '/usr/share/pear/commonfile.php'; is in safe_mode_include dir. Thus, the error message is incorrect and *is* a PHP bug. [2005-08-11 11:10:57] [EMAIL PROTECTED] Did you read something about safe_mode before turning it On? By default, Safe Mode does a UID compare check when opening files. If you want to relax this to a GID compare, then turn on safe_mode_gid. Whether to use UID (FALSE) or GID (TRUE) checking upon file access. (c) http://www.php.net/manual/en/features.safe-mode.php So, it's perfectly fine to have these errors and to have FALSE in is_readable() because you turned safe_mode yourself. This is expected behaviour. [2005-08-11 01:59:45] kibab at icehouse dot net Ok. It says (see http://www.ewu.edu/web/tools/bug31618_3.php): Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid/gid is 687/694 is not allowed to access /usr/share/pear/commonfile.php owned by uid/gid 0/0 in /var/www/sites/web/tools/bug31618_3.php on line 3 Warning: fopen(/usr/share/pear/commonfile.php) [function.fopen]: failed to open stream: Resource temporarily unavailable in /var/www/sites/web/tools/bug31618_3.php on line 3 [2005-08-10 20:44:05] [EMAIL PROTECTED] Of course, I meant this: ?php $myfilename = '/usr/share/pear/commonfile.php'; fopen($myfilename, 'r'); ? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31618 -- Edit this bug report at http://bugs.php.net/?id=31618edit=1
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618 User updated by: kibab at icehouse dot net Reported By: kibab at icehouse dot net -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: redhat enterprise PHP Version: 5CVS-2005-03-14 New Comment: Ok, I tried it out on my dev server and it works! is_readable() now returns the correct values based on the ownership of the file. From my initial test: is_readable: /var/lib/php/test_templ2.php (true) TEST The fopen($myfilename) call, however, still fails with the following error message (perhaps I should file this as a separate bug report...): Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid/gid is 49/49 is not allowed to access /var/lib/php/test_templ2.php owned by uid/gid 0/0 in /var/www/sites/devel/test.php on line 10 Warning: fopen(/var/lib/php/test_templ2.php) [function.fopen]: failed to open stream: Success in /var/www/sites/devel/test.php on line 10 And... safe_mode_include_dir on that server is set to /var/lib/php. Previous Comments: [2005-08-12 18:03:49] [EMAIL PROTECTED] Please try again. It should be there this time. [2005-08-12 17:33:29] kibab at icehouse dot net I can't get to it, I just keep getting a 404 error? [2005-08-12 01:00:10] [EMAIL PROTECTED] Please try this patch: http://tony2001.phpclub.net/dev/tmp/bugs_29840_31618.diff (with the latest snapshot/CVS). [2005-08-11 15:57:11] kibab at icehouse dot net Yes. I read docs, although I sometimes misunderstand them: Note in my previous post: safe_mode_include_dir = /usr/share/pear Also note that per the documentation (http://www.php.net/manual/en/features.safe-mode.php): safe_mode_include_dir string UID/GID checks are bypassed when including files from this directory and its subdirectories (directory must also be in include_path or full path must including). Certainly $myfilename = '/usr/share/pear/commonfile.php'; is in safe_mode_include dir. Thus, the error message is incorrect and *is* a PHP bug. [2005-08-11 11:10:57] [EMAIL PROTECTED] Did you read something about safe_mode before turning it On? By default, Safe Mode does a UID compare check when opening files. If you want to relax this to a GID compare, then turn on safe_mode_gid. Whether to use UID (FALSE) or GID (TRUE) checking upon file access. (c) http://www.php.net/manual/en/features.safe-mode.php So, it's perfectly fine to have these errors and to have FALSE in is_readable() because you turned safe_mode yourself. This is expected behaviour. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31618 -- Edit this bug report at http://bugs.php.net/?id=31618edit=1
#31618 [Bgs-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618 User updated by: kibab at icehouse dot net Reported By: kibab at icehouse dot net -Status: Bogus +Status: Open Bug Type: Filesystem function related Operating System: redhat enterprise PHP Version: 5CVS-2005-03-14 New Comment: Yes. I read docs, although I sometimes misunderstand them: Note in my previous post: safe_mode_include_dir = /usr/share/pear Also note that per the documentation (http://www.php.net/manual/en/features.safe-mode.php): safe_mode_include_dir string UID/GID checks are bypassed when including files from this directory and its subdirectories (directory must also be in include_path or full path must including). Certainly $myfilename = '/usr/share/pear/commonfile.php'; is in safe_mode_include dir. Thus, the error message is incorrect and *is* a PHP bug. Previous Comments: [2005-08-11 11:10:57] [EMAIL PROTECTED] Did you read something about safe_mode before turning it On? By default, Safe Mode does a UID compare check when opening files. If you want to relax this to a GID compare, then turn on safe_mode_gid. Whether to use UID (FALSE) or GID (TRUE) checking upon file access. (c) http://www.php.net/manual/en/features.safe-mode.php So, it's perfectly fine to have these errors and to have FALSE in is_readable() because you turned safe_mode yourself. This is expected behaviour. [2005-08-11 01:59:45] kibab at icehouse dot net Ok. It says (see http://www.ewu.edu/web/tools/bug31618_3.php): Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid/gid is 687/694 is not allowed to access /usr/share/pear/commonfile.php owned by uid/gid 0/0 in /var/www/sites/web/tools/bug31618_3.php on line 3 Warning: fopen(/usr/share/pear/commonfile.php) [function.fopen]: failed to open stream: Resource temporarily unavailable in /var/www/sites/web/tools/bug31618_3.php on line 3 [2005-08-10 20:44:05] [EMAIL PROTECTED] Of course, I meant this: ?php $myfilename = '/usr/share/pear/commonfile.php'; fopen($myfilename, 'r'); ? [2005-08-10 20:36:39] [EMAIL PROTECTED] Could you plz also try this: ?php fopen($myfilename, 'r'); ? And post the error message here. Thanks. [2005-08-10 20:24:48] kibab at icehouse dot net Ok, here's a new complete example for you. First, we need to do some setup as this is based on permissions, ownership, and safe mode: cd some directory in safe_mode_include_dir # note, I used cd /usr/share/pear echo TESTING commonfile.php chmod a+r commonfile.php Then: $ ls -l commonfile* -rw-rw-r--1 root root8 Aug 10 10:54 commonfile.php And, permissions on the source PHP file in use: $ ls -l bug31618.php -rw-rw-r--1 kpederson financialaid 576 Aug 10 10:50 bug31618.php I used the following relevant settings: $ grep -iE safe|include /etc/php.ini | grep -v ^; safe_mode = On safe_mode_gid = On safe_mode_include_dir = /usr/share/pear safe_mode_exec_dir = /usr/local/php_exe/bin safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH include_path = .:/usr/share/pear/:/usr/share/pear/ewu_lib:/var/lib/php_secure sql.safe_mode = Off Now, grab my PHP script from the following URL: http://www.ewu.edu/web/tools/bug31618.php.txt It's output looks like the following (as can be seen from http://www.ewu.edu/web/tools/bug31618.php): is_readable: /usr/share/pear/commonfile.php (false) TESTING Now, if I change the ownership to root:root (as I did for bug31618_2.php, eg. as seen by http://www.ewu.edu/web/tools/bug31618_2.php): is_readable: /usr/share/pear/commonfile.php (true) TESTING Thus, the results are based on ownership of the calling php script, not the file attempting to be read, despite being in safe_mode_include_dir. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31618 -- Edit this bug report at http://bugs.php.net/?id=31618edit=1
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
-Status: Feedback
+Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5CVS-2005-03-14
New Comment:
Ok, here's a new complete example for you.
First, we need to do some setup as this is based on
permissions, ownership, and safe mode:
cd some directory in safe_mode_include_dir
# note, I used cd /usr/share/pear
echo TESTING commonfile.php
chmod a+r commonfile.php
Then: $ ls -l commonfile*
-rw-rw-r--1 root root8 Aug 10 10:54
commonfile.php
And, permissions on the source PHP file in use:
$ ls -l bug31618.php
-rw-rw-r--1 kpederson financialaid 576 Aug 10
10:50 bug31618.php
I used the following relevant settings:
$ grep -iE safe|include /etc/php.ini | grep -v ^;
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /usr/share/pear
safe_mode_exec_dir = /usr/local/php_exe/bin
safe_mode_allowed_env_vars = PHP_
safe_mode_protected_env_vars = LD_LIBRARY_PATH
include_path =
.:/usr/share/pear/:/usr/share/pear/ewu_lib:/var/lib/php_secure
sql.safe_mode = Off
Now, grab my PHP script from the following URL:
http://www.ewu.edu/web/tools/bug31618.php.txt
It's output looks like the following (as can be seen from
http://www.ewu.edu/web/tools/bug31618.php):
is_readable: /usr/share/pear/commonfile.php (false)
TESTING
Now, if I change the ownership to root:root (as I did for
bug31618_2.php, eg. as seen by
http://www.ewu.edu/web/tools/bug31618_2.php):
is_readable: /usr/share/pear/commonfile.php (true)
TESTING
Thus, the results are based on ownership of the calling
php script, not the file attempting to be read, despite
being in safe_mode_include_dir.
Previous Comments:
[2005-08-08 19:56:08] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ?php and ends with ?,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
[2005-05-19 06:14:33] kibab at icehouse dot net
From memory, all files were mode 664 and all directories
had permissions of 775 being owned by root:root. However,
I no longer have that same structure to prove that. If
you like, I can setup an almost identical test case using
the code that I included below (but using my new
structure).
[2005-05-17 17:18:48] [EMAIL PROTECTED]
What are the permissions of all the directories in that path?
(/var/lib/php_packages/)
[2005-01-20 22:32:24] kibab at icehouse dot net
Maybe this isn't directly related, but
fopen($myfilename,r) also fails, even though
include($myfilename) works. Again, $myfilename is in the
safe_mode_include_dir, so fopen should be able to open it.
[2005-01-19 23:05:35] kibab at icehouse dot net
Description:
is_readable($myfilename) in the repro code returns true if
the script calling it is owned by root, but false if it is
owned by someone else.
Permissions are:
-rw-r--r--1 root root 5452 Jan 13
13:02 /var/lib/php_packages/test_templ2.php
drwxr-xr-x4 root root 4096 Jan 19
08:19 /var/lib/php_packages
drwxr-xr-x 27 root root 4096 Jan 12
09:27 /var/lib
drwxr-xr-x 24 root root 4096 Sep 22
13:06 /var
drwxr-xr-x 20 root root 4096 Oct 29 09:48 /
Relevant Settings:
include_path =
.:/var/lib/php_packages:/var/lib/php_packages/pear
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php_packages
Reproduce code:
---
test.php ###
$myfilename = '/var/lib/php_packages/test_templ2.php';
if (is_readable($myfilename)) {
echo is_readable: $myfilename (true)br;
} else {
echo is_readable: $myfilename (false)br;
}
include($myfilename);
### test_templ2.php ###
TESTING!
Expected result:
I would expect is_readable() to return true in both
instances. The uid/gid check shouldn't matter despite
safe mode, as the file is in safe_mode_include_dir, and
even if it wasn't, the is_readable documentation says that
it does NOT take into account
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618 User updated by: kibab at icehouse dot net Reported By: kibab at icehouse dot net -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: redhat enterprise PHP Version: 5CVS-2005-03-14 New Comment: Ok. It says (see http://www.ewu.edu/web/tools/bug31618_3.php): Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid/gid is 687/694 is not allowed to access /usr/share/pear/commonfile.php owned by uid/gid 0/0 in /var/www/sites/web/tools/bug31618_3.php on line 3 Warning: fopen(/usr/share/pear/commonfile.php) [function.fopen]: failed to open stream: Resource temporarily unavailable in /var/www/sites/web/tools/bug31618_3.php on line 3 Previous Comments: [2005-08-10 20:44:05] [EMAIL PROTECTED] Of course, I meant this: ?php $myfilename = '/usr/share/pear/commonfile.php'; fopen($myfilename, 'r'); ? [2005-08-10 20:36:39] [EMAIL PROTECTED] Could you plz also try this: ?php fopen($myfilename, 'r'); ? And post the error message here. Thanks. [2005-08-10 20:24:48] kibab at icehouse dot net Ok, here's a new complete example for you. First, we need to do some setup as this is based on permissions, ownership, and safe mode: cd some directory in safe_mode_include_dir # note, I used cd /usr/share/pear echo TESTING commonfile.php chmod a+r commonfile.php Then: $ ls -l commonfile* -rw-rw-r--1 root root8 Aug 10 10:54 commonfile.php And, permissions on the source PHP file in use: $ ls -l bug31618.php -rw-rw-r--1 kpederson financialaid 576 Aug 10 10:50 bug31618.php I used the following relevant settings: $ grep -iE safe|include /etc/php.ini | grep -v ^; safe_mode = On safe_mode_gid = On safe_mode_include_dir = /usr/share/pear safe_mode_exec_dir = /usr/local/php_exe/bin safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH include_path = .:/usr/share/pear/:/usr/share/pear/ewu_lib:/var/lib/php_secure sql.safe_mode = Off Now, grab my PHP script from the following URL: http://www.ewu.edu/web/tools/bug31618.php.txt It's output looks like the following (as can be seen from http://www.ewu.edu/web/tools/bug31618.php): is_readable: /usr/share/pear/commonfile.php (false) TESTING Now, if I change the ownership to root:root (as I did for bug31618_2.php, eg. as seen by http://www.ewu.edu/web/tools/bug31618_2.php): is_readable: /usr/share/pear/commonfile.php (true) TESTING Thus, the results are based on ownership of the calling php script, not the file attempting to be read, despite being in safe_mode_include_dir. [2005-08-08 19:56:08] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with ?php and ends with ?, is max. 10-20 lines long and does not require any external resources such as databases, etc. If possible, make the script source available online and provide an URL to it here. Try to avoid embedding huge scripts into the report. [2005-05-19 06:14:33] kibab at icehouse dot net From memory, all files were mode 664 and all directories had permissions of 775 being owned by root:root. However, I no longer have that same structure to prove that. If you like, I can setup an almost identical test case using the code that I included below (but using my new structure). The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31618 -- Edit this bug report at http://bugs.php.net/?id=31618edit=1
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
-Status: Feedback
+Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5CVS-2005-03-14
New Comment:
From memory, all files were mode 664 and all directories
had permissions of 775 being owned by root:root. However,
I no longer have that same structure to prove that. If
you like, I can setup an almost identical test case using
the code that I included below (but using my new
structure).
Previous Comments:
[2005-05-17 17:18:48] [EMAIL PROTECTED]
What are the permissions of all the directories in that path?
(/var/lib/php_packages/)
[2005-01-20 22:32:24] kibab at icehouse dot net
Maybe this isn't directly related, but
fopen($myfilename,r) also fails, even though
include($myfilename) works. Again, $myfilename is in the
safe_mode_include_dir, so fopen should be able to open it.
[2005-01-19 23:05:35] kibab at icehouse dot net
Description:
is_readable($myfilename) in the repro code returns true if
the script calling it is owned by root, but false if it is
owned by someone else.
Permissions are:
-rw-r--r--1 root root 5452 Jan 13
13:02 /var/lib/php_packages/test_templ2.php
drwxr-xr-x4 root root 4096 Jan 19
08:19 /var/lib/php_packages
drwxr-xr-x 27 root root 4096 Jan 12
09:27 /var/lib
drwxr-xr-x 24 root root 4096 Sep 22
13:06 /var
drwxr-xr-x 20 root root 4096 Oct 29 09:48 /
Relevant Settings:
include_path =
.:/var/lib/php_packages:/var/lib/php_packages/pear
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php_packages
Reproduce code:
---
test.php ###
$myfilename = '/var/lib/php_packages/test_templ2.php';
if (is_readable($myfilename)) {
echo is_readable: $myfilename (true)br;
} else {
echo is_readable: $myfilename (false)br;
}
include($myfilename);
### test_templ2.php ###
TESTING!
Expected result:
I would expect is_readable() to return true in both
instances. The uid/gid check shouldn't matter despite
safe mode, as the file is in safe_mode_include_dir, and
even if it wasn't, the is_readable documentation says that
it does NOT take into account safe_mode restrictions.
Actual result:
--
// When test.php has the following ownership:
$ ls -l test.php
-rw-rw-r--1 root root 278 Jan 19 13:16
test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (true)
TESTING!
// When test.php has the following permissions:
$ ls -l test.php
-rw-rw-r--1 dschlegel79 undergradadmiss 278 Jan
19 13:16 test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (false)
TESTING!
--
Edit this bug report at http://bugs.php.net/?id=31618edit=1
#30931 [Com]: is_writable() and is_readable() return false when access is permitted via ACL
ID: 30931 Comment by: kibab at icehouse dot net Reported By: bugzilla-php at bwurst dot org Status: No Feedback Bug Type: Filesystem function related Operating System: gentoo linux (kernel 2.6) PHP Version: 5.0.2 New Comment: This is not fixed yet as of Mar. 31 in the 5.0.4 release. Previous Comments: [2005-03-08 01:00:08] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to Open. [2005-02-28 21:21:59] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip [2004-11-29 17:26:56] bugzilla-php at bwurst dot org Description: PHP's is_readable() and is_writable() function report nonsense on ACLs... We have the following test case: A file containing ?php echo __FILE__.' is '.(is_readable(__FILE__) ? '' : 'NOT ').readable!br\n; echo __FILE__.' is '.(is_writable(__FILE__) ? '' : 'NOT ').writable!br\n; ? it's made accessible to the webserver via $ getfacl index.php # file: index.php # owner: someuser # group: webadm user::rw- user:apache:rw- group::r-- mask::rw- other::--- So apache is neither the owner nor in the group but it's accessible through ACL. If I call this file via the webserver, I get /srv/http/[...]/test/index.php is NOT readable! /srv/http/[...]/test/index.php is NOT writable! [...] has been inserted by me, of course. This method works perfectly, the webserver (and also PHP) *can* read and write the file but the is_readable() and is_writable() return wrong values. It really seems like bug #14923, but that one's fixed after php-4.1.0. Also it's CLOSED, so I cannot add a comment there. :-( -- Edit this bug report at http://bugs.php.net/?id=30931edit=1
#31618 [Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5.0.3
New Comment:
A bit more information. I ran the compile command
manually using gcc -E instead of libtool, and it turns out
that xmlErrorPtr hasn't yet been defined at that point,
which is why it's dieing.
Also, I grepped for it but it's not present:
$ pwd
/usr/include/libxml2
$ grep -rni xmlError *
libxml/globals.h:17:#include libxml/xmlerror.h
Per {acinclude,aclocal}.m4, libxml2 version 2.5.10 is
required, but I have that installed
I'll keep investigating... thanks.
Previous Comments:
[2005-03-09 16:42:44] kibab at icehouse dot net
Configure options listed below. It's basically a mirror of
the standard PHP-4 Redhat options adapted for PHP-5, with
a couple of extra options I added in.
./configure '--host=i386-redhat-linux'
'--build=i386-redhat-linux'
'--target=i386-redhat-linux-gnu' '--program-prefix='
'--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin'
'--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib' '--libexecdir=/usr/libexec'
'--localstatedir=/var' '--sharedstatedir=/usr/com'
'--mandir=/usr/share/man' '--infodir=/usr/share/info'
'--cache-file=./config.cache'
'--with-config-file-path=/etc'
'--with-config-file-scan-dir=/etc/php.d'
'--enable-force-cgi-redirect' '--disable-debug'
'--enable-pic' '--disable-rpath'
'--enable-inline-optimization' '--with-bz2'
'--with-db4=/usr' '--with-curl' '--with-dom=/usr'
'--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr'
'--with-png-dir=/usr' '--with-gd' '--enable-gd-native-ttf'
'--with-ttf' '--with-gettext' '--with-ncurses'
'--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr'
'--with-openssl' '--with-png' '--with-pspell'
'--with-regex=system' '--with-xml' '--with-expat-dir=/usr'
'--with-zlib' '--with-layout=GNU' '--enable-bcmath'
'--enable-exif' '--enable-ftp' '--enable-magic-quotes'
'--enable-safe-mode' '--enable-sockets' '--enable-sysvsem'
'--enable-sysvshm' '--enable-discard-path'
'--enable-track-vars' '--enable-trans-sid' '--enable-yp'
'--enable-wddx' '--enable-mbstring'
'--enable-mbstr-enc-trans' '--enable-mbregex'
'--without-oci8' '--with-pear=/usr/share/pear'
'--with-imap=/usr' '--with-imap-ssl'
'--with-kerberos=/usr/kerberos' '--with-ldap=/usr'
'--with-mysql=/usr'
'--with-mysql-sock=/var/lib/mysql/mysql.sock'
'--with-pgsql=/usr' '--with-unixODBC=/usr'
'--enable-memory-limit' '--enable-bcmath' '--enable-shmop'
'--enable-versioning' '--enable-calendar' '--enable-dbx'
'--enable-dio' '--enable-mcal'
'--with-apxs2filter=/usr/sbin/apxs' '--with-xsl=/usr'
'--with-mysqli=/usr/bin/mysql_config'
In terms of what libxml I'm running (from rpm -qa | grep
-i libxml):
libxml2-2.5.10-7
libxml2-devel-2.5.10-7
libxml-1.8.17-9.2
As a side note, I haven't had any problems compiling
PHP-5.0.1 through PHP-5.0.3 using the above configure line
nor the version of libxml2 that I have been running (it
might have changed a bit over time because of up2date, but
it hasn't been that dramatic a change).
[2005-03-09 00:58:42] [EMAIL PROTECTED]
What libxml2 version do you have installed?
What configure options did you use?
[2005-03-09 00:47:17] kibab at icehouse dot net
I tried and it didn't compile:
[EMAIL PROTECTED] php5-200503082130***]$ make
/bin/sh /root/builds/php5-200503082130/libtool --silent
--preserve-dup-deps --mode=compile gcc -Iext/libxml/
-I/root/builds/php5-200503082130/ext/libxml/
-DPHP_ATOM_INC -I/root/builds/php5-200503082130/include
-I/root/builds/php5-200503082130/main
-I/root/builds/php5-200503082130
-I/root/builds/php5-200503082130/Zend
-I/usr/include/libxml2 -I/usr/kerberos/include
-I/usr/include/freetype2 -I/usr/include/imap
-I/root/builds/php5-200503082130/ext/mbstring/oniguruma
-I/root/builds/php5-200503082130/ext/mbstring/libmbfl
-I/root/builds/php5-200503082130/ext/mbstring/libmbfl/mbfl
-I/usr/include/mysql -I/usr/include/ncurses
-I/usr/include/pspell
-I/root/builds/php5-200503082130/TSRM -g-O2
-prefer-non-pic
-c /root/builds/php5-200503082130/ext/libxml/libxml.c -o
ext/libxml/libxml.lo
/root/builds/php5-200503082130/ext/libxml/libxml.c:337:
syntax error before error
/root/builds/php5-200503082130/ext/libxml/libxml.c: In
function `_php_libxml_free_error':
/root/builds/php5-200503082130/ext/libxml/libxml.c:339:
`error' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c:339:
(Each undeclared identifier is reported only once
/root/builds/php5-200503082130/ext/libxml/libxml.c
#31618 [Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5.0.3
New Comment:
Ok. It turns out xmlErrorPtr (and all the other changes)
are associated with libxml2 version 2.6.X. So, the docs
are wrong now, assuming the upgrade was intended. I guess
my RPM's are no longer sufficient. acinclude.m4,
aclocal.m4, and configure all mention 2.5.10. However,
ext/xml/xml.c has a reference to php_error_docref() that
mentions upgrading to libxml2 version 2.6.
So, libxml2 version 2.6 is the official requirement now?
Previous Comments:
[2005-03-09 18:16:01] kibab at icehouse dot net
A bit more information. I ran the compile command
manually using gcc -E instead of libtool, and it turns out
that xmlErrorPtr hasn't yet been defined at that point,
which is why it's dieing.
Also, I grepped for it but it's not present:
$ pwd
/usr/include/libxml2
$ grep -rni xmlError *
libxml/globals.h:17:#include libxml/xmlerror.h
Per {acinclude,aclocal}.m4, libxml2 version 2.5.10 is
required, but I have that installed
I'll keep investigating... thanks.
[2005-03-09 16:42:44] kibab at icehouse dot net
Configure options listed below. It's basically a mirror of
the standard PHP-4 Redhat options adapted for PHP-5, with
a couple of extra options I added in.
./configure '--host=i386-redhat-linux'
'--build=i386-redhat-linux'
'--target=i386-redhat-linux-gnu' '--program-prefix='
'--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin'
'--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib' '--libexecdir=/usr/libexec'
'--localstatedir=/var' '--sharedstatedir=/usr/com'
'--mandir=/usr/share/man' '--infodir=/usr/share/info'
'--cache-file=./config.cache'
'--with-config-file-path=/etc'
'--with-config-file-scan-dir=/etc/php.d'
'--enable-force-cgi-redirect' '--disable-debug'
'--enable-pic' '--disable-rpath'
'--enable-inline-optimization' '--with-bz2'
'--with-db4=/usr' '--with-curl' '--with-dom=/usr'
'--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr'
'--with-png-dir=/usr' '--with-gd' '--enable-gd-native-ttf'
'--with-ttf' '--with-gettext' '--with-ncurses'
'--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr'
'--with-openssl' '--with-png' '--with-pspell'
'--with-regex=system' '--with-xml' '--with-expat-dir=/usr'
'--with-zlib' '--with-layout=GNU' '--enable-bcmath'
'--enable-exif' '--enable-ftp' '--enable-magic-quotes'
'--enable-safe-mode' '--enable-sockets' '--enable-sysvsem'
'--enable-sysvshm' '--enable-discard-path'
'--enable-track-vars' '--enable-trans-sid' '--enable-yp'
'--enable-wddx' '--enable-mbstring'
'--enable-mbstr-enc-trans' '--enable-mbregex'
'--without-oci8' '--with-pear=/usr/share/pear'
'--with-imap=/usr' '--with-imap-ssl'
'--with-kerberos=/usr/kerberos' '--with-ldap=/usr'
'--with-mysql=/usr'
'--with-mysql-sock=/var/lib/mysql/mysql.sock'
'--with-pgsql=/usr' '--with-unixODBC=/usr'
'--enable-memory-limit' '--enable-bcmath' '--enable-shmop'
'--enable-versioning' '--enable-calendar' '--enable-dbx'
'--enable-dio' '--enable-mcal'
'--with-apxs2filter=/usr/sbin/apxs' '--with-xsl=/usr'
'--with-mysqli=/usr/bin/mysql_config'
In terms of what libxml I'm running (from rpm -qa | grep
-i libxml):
libxml2-2.5.10-7
libxml2-devel-2.5.10-7
libxml-1.8.17-9.2
As a side note, I haven't had any problems compiling
PHP-5.0.1 through PHP-5.0.3 using the above configure line
nor the version of libxml2 that I have been running (it
might have changed a bit over time because of up2date, but
it hasn't been that dramatic a change).
[2005-03-09 00:58:42] [EMAIL PROTECTED]
What libxml2 version do you have installed?
What configure options did you use?
[2005-03-09 00:47:17] kibab at icehouse dot net
I tried and it didn't compile:
[EMAIL PROTECTED] php5-200503082130***]$ make
/bin/sh /root/builds/php5-200503082130/libtool --silent
--preserve-dup-deps --mode=compile gcc -Iext/libxml/
-I/root/builds/php5-200503082130/ext/libxml/
-DPHP_ATOM_INC -I/root/builds/php5-200503082130/include
-I/root/builds/php5-200503082130/main
-I/root/builds/php5-200503082130
-I/root/builds/php5-200503082130/Zend
-I/usr/include/libxml2 -I/usr/kerberos/include
-I/usr/include/freetype2 -I/usr/include/imap
-I/root/builds/php5-200503082130/ext/mbstring/oniguruma
-I/root/builds/php5-200503082130/ext/mbstring/libmbfl
-I/root/builds/php5-200503082130/ext/mbstring/libmbfl/mbfl
-I/usr/include/mysql -I/usr/include/ncurses
-I/usr/include/pspell
-I/root/builds
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618 User updated by: kibab at icehouse dot net Reported By: kibab at icehouse dot net -Status: Feedback +Status: Open Bug Type: Filesystem function related Operating System: redhat enterprise PHP Version: 5.0.3 New Comment: Configure options listed below. It's basically a mirror of the standard PHP-4 Redhat options adapted for PHP-5, with a couple of extra options I added in. ./configure '--host=i386-redhat-linux' '--build=i386-redhat-linux' '--target=i386-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=./config.cache' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--enable-force-cgi-redirect' '--disable-debug' '--enable-pic' '--disable-rpath' '--enable-inline-optimization' '--with-bz2' '--with-db4=/usr' '--with-curl' '--with-dom=/usr' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-gd' '--enable-gd-native-ttf' '--with-ttf' '--with-gettext' '--with-ncurses' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-png' '--with-pspell' '--with-regex=system' '--with-xml' '--with-expat-dir=/usr' '--with-zlib' '--with-layout=GNU' '--enable-bcmath' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-safe-mode' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-discard-path' '--enable-track-vars' '--enable-trans-sid' '--enable-yp' '--enable-wddx' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-mbregex' '--without-oci8' '--with-pear=/usr/share/pear' '--with-imap=/usr' '--with-imap-ssl' '--with-kerberos=/usr/kerberos' '--with-ldap=/usr' '--with-mysql=/usr' '--with-mysql-sock=/var/lib/mysql/mysql.sock' '--with-pgsql=/usr' '--with-unixODBC=/usr' '--enable-memory-limit' '--enable-bcmath' '--enable-shmop' '--enable-versioning' '--enable-calendar' '--enable-dbx' '--enable-dio' '--enable-mcal' '--with-apxs2filter=/usr/sbin/apxs' '--with-xsl=/usr' '--with-mysqli=/usr/bin/mysql_config' In terms of what libxml I'm running (from rpm -qa | grep -i libxml): libxml2-2.5.10-7 libxml2-devel-2.5.10-7 libxml-1.8.17-9.2 As a side note, I haven't had any problems compiling PHP-5.0.1 through PHP-5.0.3 using the above configure line nor the version of libxml2 that I have been running (it might have changed a bit over time because of up2date, but it hasn't been that dramatic a change). Previous Comments: [2005-03-09 00:58:42] [EMAIL PROTECTED] What libxml2 version do you have installed? What configure options did you use? [2005-03-09 00:47:17] kibab at icehouse dot net I tried and it didn't compile: [EMAIL PROTECTED] php5-200503082130***]$ make /bin/sh /root/builds/php5-200503082130/libtool --silent --preserve-dup-deps --mode=compile gcc -Iext/libxml/ -I/root/builds/php5-200503082130/ext/libxml/ -DPHP_ATOM_INC -I/root/builds/php5-200503082130/include -I/root/builds/php5-200503082130/main -I/root/builds/php5-200503082130 -I/root/builds/php5-200503082130/Zend -I/usr/include/libxml2 -I/usr/kerberos/include -I/usr/include/freetype2 -I/usr/include/imap -I/root/builds/php5-200503082130/ext/mbstring/oniguruma -I/root/builds/php5-200503082130/ext/mbstring/libmbfl -I/root/builds/php5-200503082130/ext/mbstring/libmbfl/mbfl -I/usr/include/mysql -I/usr/include/ncurses -I/usr/include/pspell -I/root/builds/php5-200503082130/TSRM -g-O2 -prefer-non-pic -c /root/builds/php5-200503082130/ext/libxml/libxml.c -o ext/libxml/libxml.lo /root/builds/php5-200503082130/ext/libxml/libxml.c:337: syntax error before error /root/builds/php5-200503082130/ext/libxml/libxml.c: In function `_php_libxml_free_error': /root/builds/php5-200503082130/ext/libxml/libxml.c:339: `error' undeclared (first use in this function) /root/builds/php5-200503082130/ext/libxml/libxml.c:339: (Each undeclared identifier is reported only once /root/builds/php5-200503082130/ext/libxml/libxml.c:339: for each function it appears in.) /root/builds/php5-200503082130/ext/libxml/libxml.c: At top level: /root/builds/php5-200503082130/ext/libxml/libxml.c:343: syntax error before error /root/builds/php5-200503082130/ext/libxml/libxml.c: In function `_php_list_set_error_structure': /root/builds/php5-200503082130/ext/libxml/libxml.c:345: `xmlError' undeclared (first use in this function) /root/builds/php5-200503082130/ext/libxml/libxml.c:345: syntax error before error_copy /root/builds/php5-200503082130/ext/libxml/libxml.c:350: `error_copy' undeclared (first use
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
-Status: Feedback
+Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5.0.3
New Comment:
Ok. I installed libxml2-2.6.16 and compiled both. STABLE
snapshot from last night compiles fine and links to the
new libxml2. UNSTABLE fails linking:
...
ext/libxml/libxml.lo(.text+0x362): In function
`_php_libxml_free_error':
/root/builds/php5-200503091530/ext/libxml/libxml.c:339:
undefined reference to `xmlResetError'
ext/libxml/libxml.lo(.text+0x394): In function
`_php_list_set_error_structure':
/root/builds/php5-200503091530/ext/libxml/libxml.c:353:
undefined reference to `xmlCopyError'
ext/libxml/libxml.lo(.text+0xa1e): In function
`zm_deactivate_libxml':
So, I could only try it out on the new STABLE snapshot,
and the behavior is NOT fixed. Also, an almost identical
situation comes up with the following test case (nearly
identical to my first one):
$myfilename = '/var/lib/php/test_templ2.php';
if (is_readable($myfilename)) {
echo is_readable: $myfilename
(true)br;
} else {
echo is_readable: $myfilename
(false)br;
}
//include($myfilename);
$res = fopen($myfilename,'r');
echo res: $resbr;
$text = fgets($res, 4096);
echo $text
This results in:
Warning: fopen() [function.fopen]: SAFE MODE Restriction
in effect. The script whose uid/gid is 49/49 is not
allowed to access /var/lib/php/test_templ2.php owned by
uid/gid 0/0 in /var/www/sites/devel/test.php on line 10
Warning: fopen(/var/lib/php/test_templ2.php)
[function.fopen]: failed to open stream: Success
in /var/www/sites/devel/test.php on line 10
...
Thus, fopen also has the same type of problem. As you can
see below, safe_mode_include_dir is set to /var/lib/php,
as referenced in the above error message.
// php.ini settings
$ cat /etc/php.ini | grep -i safe_mode
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php
...
Previous Comments:
[2005-03-09 21:42:46] [EMAIL PROTECTED]
Try this snapshot too, from the PHP 5_0 branch:
http://snaps.php.net/php5-STABLE-latest.tar.gz
[2005-03-09 19:32:42] kibab at icehouse dot net
Ok. It turns out xmlErrorPtr (and all the other changes)
are associated with libxml2 version 2.6.X. So, the docs
are wrong now, assuming the upgrade was intended. I guess
my RPM's are no longer sufficient. acinclude.m4,
aclocal.m4, and configure all mention 2.5.10. However,
ext/xml/xml.c has a reference to php_error_docref() that
mentions upgrading to libxml2 version 2.6.
So, libxml2 version 2.6 is the official requirement now?
[2005-03-09 18:16:01] kibab at icehouse dot net
A bit more information. I ran the compile command
manually using gcc -E instead of libtool, and it turns out
that xmlErrorPtr hasn't yet been defined at that point,
which is why it's dieing.
Also, I grepped for it but it's not present:
$ pwd
/usr/include/libxml2
$ grep -rni xmlError *
libxml/globals.h:17:#include libxml/xmlerror.h
Per {acinclude,aclocal}.m4, libxml2 version 2.5.10 is
required, but I have that installed
I'll keep investigating... thanks.
[2005-03-09 16:42:44] kibab at icehouse dot net
Configure options listed below. It's basically a mirror of
the standard PHP-4 Redhat options adapted for PHP-5, with
a couple of extra options I added in.
./configure '--host=i386-redhat-linux'
'--build=i386-redhat-linux'
'--target=i386-redhat-linux-gnu' '--program-prefix='
'--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin'
'--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include'
'--libdir=/usr/lib' '--libexecdir=/usr/libexec'
'--localstatedir=/var' '--sharedstatedir=/usr/com'
'--mandir=/usr/share/man' '--infodir=/usr/share/info'
'--cache-file=./config.cache'
'--with-config-file-path=/etc'
'--with-config-file-scan-dir=/etc/php.d'
'--enable-force-cgi-redirect' '--disable-debug'
'--enable-pic' '--disable-rpath'
'--enable-inline-optimization' '--with-bz2'
'--with-db4=/usr' '--with-curl' '--with-dom=/usr'
'--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr'
'--with-png-dir=/usr' '--with-gd' '--enable-gd-native-ttf'
'--with-ttf' '--with-gettext' '--with-ncurses'
'--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr'
'--with-openssl' '--with-png' '--with-pspell'
'--with-regex=system' '--with-xml' '--with-expat-dir=/usr'
'--with-zlib' '--with-layout=GNU' '--enable-bcmath'
'--enable-exif
#31618 [Fbk-Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
-Status: Feedback
+Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5.0.3
New Comment:
I tried and it didn't compile:
[EMAIL PROTECTED] php5-200503082130***]$ make
/bin/sh /root/builds/php5-200503082130/libtool --silent
--preserve-dup-deps --mode=compile gcc -Iext/libxml/
-I/root/builds/php5-200503082130/ext/libxml/
-DPHP_ATOM_INC -I/root/builds/php5-200503082130/include
-I/root/builds/php5-200503082130/main
-I/root/builds/php5-200503082130
-I/root/builds/php5-200503082130/Zend
-I/usr/include/libxml2 -I/usr/kerberos/include
-I/usr/include/freetype2 -I/usr/include/imap
-I/root/builds/php5-200503082130/ext/mbstring/oniguruma
-I/root/builds/php5-200503082130/ext/mbstring/libmbfl
-I/root/builds/php5-200503082130/ext/mbstring/libmbfl/mbfl
-I/usr/include/mysql -I/usr/include/ncurses
-I/usr/include/pspell
-I/root/builds/php5-200503082130/TSRM -g-O2
-prefer-non-pic
-c /root/builds/php5-200503082130/ext/libxml/libxml.c -o
ext/libxml/libxml.lo
/root/builds/php5-200503082130/ext/libxml/libxml.c:337:
syntax error before error
/root/builds/php5-200503082130/ext/libxml/libxml.c: In
function `_php_libxml_free_error':
/root/builds/php5-200503082130/ext/libxml/libxml.c:339:
`error' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c:339:
(Each undeclared identifier is reported only once
/root/builds/php5-200503082130/ext/libxml/libxml.c:339:
for each function it appears in.)
/root/builds/php5-200503082130/ext/libxml/libxml.c: At top
level:
/root/builds/php5-200503082130/ext/libxml/libxml.c:343:
syntax error before error
/root/builds/php5-200503082130/ext/libxml/libxml.c: In
function `_php_list_set_error_structure':
/root/builds/php5-200503082130/ext/libxml/libxml.c:345:
`xmlError' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c:345:
syntax error before error_copy
/root/builds/php5-200503082130/ext/libxml/libxml.c:350:
`error_copy' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c:352:
`error' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c:357:
`XML_ERR_ERROR' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c:363:
`msg' undeclared (first use in this function)
/root/builds/php5-200503082130/ext/libxml/libxml.c: At top
level:
/root/builds/php5-200503082130/ext/libxml/libxml.c:455:
syntax error before xmlErrorPtr
/root/builds/php5-200503082130/ext/libxml/libxml.c: In
function `php_libxml_structured_error_handler':
/root/builds/php5-200503082130/ext/libxml/libxml.c:457:
`error' undeclared (first use in this function)
make: *** [ext/libxml/libxml.lo] Error 1
I'll try the next few snapshots until one of them compiles
and then provide feedback. Thanks.
Previous Comments:
[2005-02-28 20:59:48] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php5-win32-latest.zip
[2005-01-20 22:32:24] kibab at icehouse dot net
Maybe this isn't directly related, but
fopen($myfilename,r) also fails, even though
include($myfilename) works. Again, $myfilename is in the
safe_mode_include_dir, so fopen should be able to open it.
[2005-01-19 23:05:35] kibab at icehouse dot net
Description:
is_readable($myfilename) in the repro code returns true if
the script calling it is owned by root, but false if it is
owned by someone else.
Permissions are:
-rw-r--r--1 root root 5452 Jan 13
13:02 /var/lib/php_packages/test_templ2.php
drwxr-xr-x4 root root 4096 Jan 19
08:19 /var/lib/php_packages
drwxr-xr-x 27 root root 4096 Jan 12
09:27 /var/lib
drwxr-xr-x 24 root root 4096 Sep 22
13:06 /var
drwxr-xr-x 20 root root 4096 Oct 29 09:48 /
Relevant Settings:
include_path =
.:/var/lib/php_packages:/var/lib/php_packages/pear
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php_packages
Reproduce code:
---
test.php ###
$myfilename = '/var/lib/php_packages/test_templ2.php';
if (is_readable($myfilename)) {
echo is_readable: $myfilename (true)br;
} else {
echo is_readable: $myfilename (false)br;
}
include($myfilename);
### test_templ2.php ###
TESTING!
Expected result:
I would expect is_readable() to return true
#31618 [Opn]: is_readable() results based on ownership of calling script, not file
ID: 31618
User updated by: kibab at icehouse dot net
Reported By: kibab at icehouse dot net
Status: Open
Bug Type: Filesystem function related
Operating System: redhat enterprise
PHP Version: 5.0.3
New Comment:
Maybe this isn't directly related, but
fopen($myfilename,r) also fails, even though
include($myfilename) works. Again, $myfilename is in the
safe_mode_include_dir, so fopen should be able to open it.
Previous Comments:
[2005-01-19 23:05:35] kibab at icehouse dot net
Description:
is_readable($myfilename) in the repro code returns true if
the script calling it is owned by root, but false if it is
owned by someone else.
Permissions are:
-rw-r--r--1 root root 5452 Jan 13
13:02 /var/lib/php_packages/test_templ2.php
drwxr-xr-x4 root root 4096 Jan 19
08:19 /var/lib/php_packages
drwxr-xr-x 27 root root 4096 Jan 12
09:27 /var/lib
drwxr-xr-x 24 root root 4096 Sep 22
13:06 /var
drwxr-xr-x 20 root root 4096 Oct 29 09:48 /
Relevant Settings:
include_path =
.:/var/lib/php_packages:/var/lib/php_packages/pear
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php_packages
Reproduce code:
---
test.php ###
$myfilename = '/var/lib/php_packages/test_templ2.php';
if (is_readable($myfilename)) {
echo is_readable: $myfilename (true)br;
} else {
echo is_readable: $myfilename (false)br;
}
include($myfilename);
### test_templ2.php ###
TESTING!
Expected result:
I would expect is_readable() to return true in both
instances. The uid/gid check shouldn't matter despite
safe mode, as the file is in safe_mode_include_dir, and
even if it wasn't, the is_readable documentation says that
it does NOT take into account safe_mode restrictions.
Actual result:
--
// When test.php has the following ownership:
$ ls -l test.php
-rw-rw-r--1 root root 278 Jan 19 13:16
test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (true)
TESTING!
// When test.php has the following permissions:
$ ls -l test.php
-rw-rw-r--1 dschlegel79 undergradadmiss 278 Jan
19 13:16 test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (false)
TESTING!
--
Edit this bug report at http://bugs.php.net/?id=31618edit=1
#31618 [NEW]: is_readable() results based on ownership of calling script, not file
From: kibab at icehouse dot net
Operating system: redhat enterprise
PHP version: 5.0.3
PHP Bug Type: Filesystem function related
Bug description: is_readable() results based on ownership of calling script,
not file
Description:
is_readable($myfilename) in the repro code returns true if
the script calling it is owned by root, but false if it is
owned by someone else.
Permissions are:
-rw-r--r--1 root root 5452 Jan 13
13:02 /var/lib/php_packages/test_templ2.php
drwxr-xr-x4 root root 4096 Jan 19
08:19 /var/lib/php_packages
drwxr-xr-x 27 root root 4096 Jan 12
09:27 /var/lib
drwxr-xr-x 24 root root 4096 Sep 22
13:06 /var
drwxr-xr-x 20 root root 4096 Oct 29 09:48 /
Relevant Settings:
include_path =
.:/var/lib/php_packages:/var/lib/php_packages/pear
safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /var/lib/php_packages
Reproduce code:
---
test.php ###
$myfilename = '/var/lib/php_packages/test_templ2.php';
if (is_readable($myfilename)) {
echo is_readable: $myfilename (true)br;
} else {
echo is_readable: $myfilename (false)br;
}
include($myfilename);
### test_templ2.php ###
TESTING!
Expected result:
I would expect is_readable() to return true in both
instances. The uid/gid check shouldn't matter despite
safe mode, as the file is in safe_mode_include_dir, and
even if it wasn't, the is_readable documentation says that
it does NOT take into account safe_mode restrictions.
Actual result:
--
// When test.php has the following ownership:
$ ls -l test.php
-rw-rw-r--1 root root 278 Jan 19 13:16
test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (true)
TESTING!
// When test.php has the following permissions:
$ ls -l test.php
-rw-rw-r--1 dschlegel79 undergradadmiss 278 Jan
19 13:16 test.php
// I get the following output:
is_readable: /var/lib/php_packages/test_templ2.php (false)
TESTING!
--
Edit bug report at http://bugs.php.net/?id=31618edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=31618r=trysnapshot4
Try a CVS snapshot (php5.0):
http://bugs.php.net/fix.php?id=31618r=trysnapshot50
Try a CVS snapshot (php5.1):
http://bugs.php.net/fix.php?id=31618r=trysnapshot51
Fixed in CVS:http://bugs.php.net/fix.php?id=31618r=fixedcvs
Fixed in release:http://bugs.php.net/fix.php?id=31618r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=31618r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=31618r=needscript
Try newer version: http://bugs.php.net/fix.php?id=31618r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=31618r=support
Expected behavior: http://bugs.php.net/fix.php?id=31618r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=31618r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=31618r=submittedtwice
register_globals:http://bugs.php.net/fix.php?id=31618r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=31618r=php3
Daylight Savings:http://bugs.php.net/fix.php?id=31618r=dst
IIS Stability: http://bugs.php.net/fix.php?id=31618r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=31618r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=31618r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=31618r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=31618r=mysqlcfg
