#32503 [Opn]: fopen() in cwd: filename must start with ./ under safe mode

2006-01-26 Thread Bjorn dot Wiberg at its dot uu dot se
 ID:   32503
 User updated by:  Bjorn dot Wiberg at its dot uu dot se
 Reported By:  Bjorn dot Wiberg at its dot uu dot se
 Status:   Open
 Bug Type: Safe Mode/open_basedir
 Operating System: IBM AIX 5.2.0.0 ML5
 PHP Version:  5.1.2
 New Comment:

Hi!

I just confirmed that the same things happen with PHP 5.1.2.

(Somehow my updating of this issue on January 16th seemed to have
disappeared.)

Best regards,
Björn


Previous Comments:


[2005-12-19 17:46:22] Bjorn dot Wiberg at its dot uu dot se

Hi sniper!

Just wanted to tell you that for 5.1.1, the following holds:

If the path to the file is not listable (r flag) all the way, one gets
the following message:

Warning: fopen(): open_basedir restriction in effect. File(a.txt) is
not within the allowed path(s):
(.:/apache/php/lib/php/:/apache/htdocs/bwiberg/) in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: Not owner in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5

The same error occurs until one makes sure that the path all the way to
the file is listable (r flag).


Then, with the path all the way to the file listable (r flag), one
gets, with "a.txt" and no existing file:

/apache/htdocs/bwiberg/test/safemode
Warning: fopen(): Unable to access a.txt in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: No such file or directory in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5

However, "./a.txt" and no existing file works fine.

With "a.txt" and the file already existing, things work just fine.

With "./a.txt" and the file already existing, things work just fine.

Would it be OK to wait for 5.1.2, or have things related to this
actually changed in the latest snapshot?

(I just recompiled and installed 5.1.1, awaiting some possible input on
or fixes to another bug, so I hope to recompile again sometime early
next year.)

Wishing you a Merry Christmas and a Happy New Year, and for putting up
with me and my AIX troubles. :-)

Best regards,
Björn



[2005-07-05 10:21:38] Bjorn dot Wiberg at its dot uu dot se

(Thanks for fixing the mpm_common crash, that problem is gone now.)

With #define HAVE_BROKEN_GETCWD 1 in php_config.h, and having made sure
that the path up to the directory where the file is to be created has
sufficient permissions, I still get the same error:

/apache/htdocs/bwiberg/test/safemode
Warning: fopen(): Unable to access a.txt in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: No such file or directory in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 

Having the read (r) permission off for the "test" directory along the
way:

Warning: fopen(): open_basedir restriction in effect. File(a.txt) is
not within the allowed path(s):
(.:/apache/php/lib/php/:/apache/htdocs/bwiberg/) in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: Not owner in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5

Best regards,
Björn



[2005-05-09 14:15:53] Bjorn dot Wiberg at its dot uu dot se

Hi again!

I just tried the #define HAVE_BROKEN_GETCWD 1 trick from
http://bugs.php.net/bug.php?id=32501, with PHP 5.0.4 (the "fixed"
version) but that didn't help in this regard. I thought I would mention
this.

Best regards,
Björn



[2005-04-05 09:28:28] Bjorn dot Wiberg at its dot uu dot se

Hi Tony!

Thank you for your feedback!

I'm afraid that absolute paths aren't a very viable solution to this,
as that probably would break too many scripts, expecting it to be
possible to "just" save a file to the current directory.

Is the "PHP realpath hack" supposed to handle these kinds of problems
on AIX?

Please let me know if I can help in any way!

Best regards,
Björn



[2005-04-04 17:11:05] [EMAIL PROTECTED]

Right, this is somehow concerned with broken realpath() on AIX.
The problem is that we end up with relative path in php_checkuid_ex()
function and it fails to check permissions for the directory.
Of course, the easiest solution is to use absolute paths everywhere.




The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/32503

-- 
Edit this bug report at http://bugs.php.net/?id=32503&edit=1


#32503 [Opn]: fopen() in cwd: filename must start with ./ under safe mode

2005-07-05 Thread Bjorn dot Wiberg at its dot uu dot se
 ID:   32503
 User updated by:  Bjorn dot Wiberg at its dot uu dot se
 Reported By:  Bjorn dot Wiberg at its dot uu dot se
 Status:   Open
 Bug Type: Filesystem function related
 Operating System: IBM AIX 5.2.0.0 ML5
 PHP Version:  5CVS-2005-07-05
 New Comment:

Hi again!

(Thanks for fixing the mpm_common crash, that problem is gone now.)

I'm pasting some test results (also used in bug #53201) here.


All the following with #define HAVE_BROKEN_GETCWD 1 in
main/php_config.h, and the following code (tests 1-4):

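<?php

  echo getcwd() . "<br />";   // show the working directory first

  $handle = fopen("a.txt", "w", false);   // bare relative name, no include_path lookup
  if ( $handle != FALSE ) {
    fputs($handle, "testtext");
    fclose($handle);
  }

?>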

..and, respectively (tests 5-8):

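<?php

  echo getcwd() . "<br />";   // show the working directory first

  $handle = fopen("./a.txt", "w", false);   // same name with an explicit ./ prefix
  if ( $handle != FALSE ) {
    fputs($handle, "testtext");
    fclose($handle);
  }

?>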


1. No existing "a.txt" file in the destination directory. With the
"read" flag missing to the "test" directory along the path, and write
permissions to the destination directory:

Warning: fopen(): open_basedir restriction in effect. File(a.txt) is
not within the allowed path(s):
(.:/apache/php/lib/php/:/apache/htdocs/bwiberg/) in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: Not owner in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5

No file gets created. getcwd() fails.

2. No existing "a.txt" file in the destination directory. Having both
read and execute flags along the path, and write permissions to the
destination directory:

/apache/htdocs/bwiberg/test/safemode
Warning: fopen(): Unable to access a.txt in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: No such file or directory in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 

No file gets created. But getcwd() correctly returns
"/apache/htdocs/bwiberg/test/safemode".

3. No existing "a.txt" file in the destination directory. Trying with
"./a.txt" instead, a missing "read" flag to the "test" directory along
the path, and write permissions to the destination directory:

No error message. The a.txt file gets correctly created, but getcwd()
fails.

4. No existing "a.txt" file in the destination directory. Trying with
"./a.txt", both "read" and "execute" flags along the path, and write
permissions to the destination directory:

No error message. The file gets correctly created, and getcwd()
returns "/apache/htdocs/bwiberg/test/safemode".

5. Existing "a.txt" file in the destination directory. With the "read"
flag missing to the "test" directory along the path, and write
permissions to the destination directory:

Warning: fopen(): open_basedir restriction in effect. File(a.txt) is
not within the allowed path(s):
(.:/apache/php/lib/php/:/apache/htdocs/bwiberg/) in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: Not owner in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5

File does not get overwritten. getcwd() fails.

6. Existing "a.txt" file in the destination directory. Having both
read and execute flags along the path, and write permissions to the
destination directory:

No error message. File gets overwritten correctly. getcwd() returns
"/apache/htdocs/bwiberg/test/safemode".

7. Existing "a.txt" file in the destination directory. Trying with
"./a.txt" instead, a missing "read" flag to the "test" directory along
the path, and write permissions to the destination directory:

No error message. File gets overwritten correctly, but getcwd() fails.

8. Existing "a.txt" file in the destination directory. Trying with
"./a.txt", both "read" and "execute" flags along the path, and write
permissions to the destination directory:

No error message. File gets overwritten correctly. getcwd() returns
"/apache/htdocs/bwiberg/test/safemode".


I don't know if these results are useless because of the custom
HAVE_BROKEN_GETCWD 1 setting? Perhaps the tests would need to be redone
without that modification?

Best regards,
Björn



#32503 [Opn]: fopen() in cwd: filename must start with ./ under safe mode

2005-05-09 Thread Bjorn dot Wiberg at its dot uu dot se
 ID:   32503
 User updated by:  Bjorn dot Wiberg at its dot uu dot se
 Reported By:  Bjorn dot Wiberg at its dot uu dot se
 Status:   Open
 Bug Type: Filesystem function related
 Operating System: IBM AIX 5.2.0.0 ML5
 PHP Version:  5CVS-2005-03-31
 New Comment:

Hi again!

I just tried the #define HAVE_BROKEN_GETCWD 1 trick from
http://bugs.php.net/bug.php?id=32501, with PHP 5.0.4 (the "fixed"
version) but that didn't help in this regard. I thought I would mention
this.

Best regards,
Björn


Previous Comments:


[2005-04-01 16:32:32] Bjorn dot Wiberg at its dot uu dot se

Tried php5-200503310630 (5.1.0-dev), but the problem is still present:

/apache/htdocs/bwiberg/test/safemode
Warning: fopen(): Unable to access a.txt in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: No such file or directory in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5

(Whereas "./a.txt" works just fine.)

Best regards,
Björn



[2005-03-30 17:17:27] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip





[2005-03-30 14:37:04] Bjorn dot Wiberg at its dot uu dot se

Description:

Under safe mode, if one tries to create a new file with fopen(),
specifying a filename without any path part in it (such as "./a.txt" or
"/apache/htdocs/bwiberg/test/safemode/a.txt"), fopen() fails, claiming
that the file cannot be found.


If the file already exists, everything works just fine.

If you specify a path part ahead of the filename, everything works just
fine.

If you give fopen() "true" as a third argument, and make sure that your
include_path includes "." as its FIRST path (if you have several
directories in it), everything works just fine. (Perhaps the
restriction of only trying the FIRST path should be mentioned in the
docs as well.)


I'm not sure if this problem is related to the earlier discussions of
php_realpath_hack (that fix should be present as "_AIX" is set by gcc
under AIX), but it sure poses a problem for scripts which rely on being
able to create a file in the current directory without specifying any
path.

Another question is why $handle in the example script isn't set to
FALSE if the open failed -- instead the error propagates to the fputs()
part.

I'd appreciate any input regarding this. Thanks in advance!

Best regards,
Björn

Reproduce code:
---
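<?php

  echo getcwd() . "<br />";   // show the working directory first

  $handle = fopen("a.txt", "w", false);   // bare relative name, no include_path lookup
  if ( $handle != FALSE ) {
    fputs($handle, "testtext");
    fclose($handle);
  }

?>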


Expected result:

/apache/htdocs/bwiberg/test/safemode

(File a.txt gets created in current directory.)

Actual result:
--
/apache/htdocs/bwiberg/test/safemode
Warning: fopen(): Unable to access a.txt in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5 Warning:
fopen(a.txt): failed to open stream: No such file or directory in
/apache/htdocs/bwiberg/test/safemode/write.php on line 5







#32503 [Opn]: fopen() in cwd: filename must start with ./ under safe mode

2005-04-05 Thread Bjorn dot Wiberg at its dot uu dot se
 ID:   32503
 User updated by:  Bjorn dot Wiberg at its dot uu dot se
 Reported By:  Bjorn dot Wiberg at its dot uu dot se
 Status:   Open
 Bug Type: Filesystem function related
 Operating System: IBM AIX 5.2.0.0 ML5
 PHP Version:  5CVS-2005-03-31
 New Comment:

Hi Tony!

Thank you for your feedback!

I'm afraid that absolute paths aren't a very viable solution to this,
as that probably would break too many scripts, expecting it to be
possible to "just" save a file to the current directory.

Is the "PHP realpath hack" supposed to handle these kinds of problems
on AIX?

Please let me know if I can help in any way!

Best regards,
Björn




#32503 [Opn]: fopen() in cwd: filename must start with ./ under safe mode

2005-04-04 Thread tony2001
 ID:   32503
 Updated by:   [EMAIL PROTECTED]
 Reported By:  Bjorn dot Wiberg at its dot uu dot se
 Status:   Open
 Bug Type: Filesystem function related
 Operating System: IBM AIX 5.2.0.0 ML5
 PHP Version:  5CVS-2005-03-31
 New Comment:

Right, this is somehow concerned with broken realpath() on AIX.
The problem is that we end up with relative path in php_checkuid_ex()
function and it fails to check permissions for the directory.
Of course, the easiest solution is to use absolute paths everywhere.



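The 2005-04-04 comment attributes the failure to a relative path reaching the directory check in php_checkuid_ex(). The C code below is an added example, not PHP's source and not code from this thread; every function name in it is hypothetical. It shows how an owner check for a file that does not exist yet can report "No such file or directory" for a bare name while "./a.txt" passes, next to a parent-directory derivation that handles both. It assumes a POSIX system, where stat("") fails with ENOENT.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

typedef int (*parent_fn)(const char *path, char *dir, size_t n);

/* Copy the first len bytes of src into dir; -1 if it does not fit. */
static int copy_prefix(const char *src, size_t len, char *dir, size_t n) {
    if (len >= n) return -1;
    memcpy(dir, src, len);
    dir[len] = '\0';
    return 0;
}

/* Naive (hypothetical): the directory is whatever precedes the last '/'.
 * A bare name such as "a.txt" yields the empty string. */
static int naive_parent(const char *path, char *dir, size_t n) {
    const char *slash = strrchr(path, '/');
    return copy_prefix(path, slash ? (size_t)(slash - path) : 0, dir, n);
}

/* Hardened (hypothetical): a bare name lives in ".", "/a.txt" lives in "/". */
static int safe_parent(const char *path, char *dir, size_t n) {
    const char *slash = strrchr(path, '/');
    if (slash == NULL) return copy_prefix(".", 1, dir, n);
    if (slash == path) return copy_prefix("/", 1, dir, n);
    return copy_prefix(path, (size_t)(slash - path), dir, n);
}

/* Owner of a directory, or (uid_t)-1 if it cannot be stat()ed. */
static uid_t dir_owner(const char *dir) {
    struct stat sb;
    return stat(dir, &sb) == 0 ? sb.st_uid : (uid_t)-1;
}

/* Creation check for a file that does not exist yet: its parent directory
 * must exist and belong to uid. Returns 0 if allowed, -1 with errno set. */
static int check_new_file(const char *path, uid_t uid, parent_fn parent) {
    char dir[1024];
    struct stat sb;
    if (parent(path, dir, sizeof dir) != 0) { errno = ENAMETOOLONG; return -1; }
    if (stat(dir, &sb) != 0) return -1;          /* stat("") sets ENOENT */
    if (!S_ISDIR(sb.st_mode)) { errno = ENOTDIR; return -1; }
    if (sb.st_uid != uid) { errno = EPERM; return -1; }
    return 0;
}

int main(void) {
    const char *names[] = { "a.txt", "./a.txt" };   /* constructed inputs */
    uid_t me = dir_owner(".");                      /* assumed script owner */
    for (int i = 0; i < 2; i++) {
        int r = check_new_file(names[i], me, naive_parent);
        printf("%-8s naive:    %s\n", names[i], r ? strerror(errno) : "ok");
        r = check_new_file(names[i], me, safe_parent);
        printf("%-8s hardened: %s\n", names[i], r ? strerror(errno) : "ok");
    }
    return 0;
}
```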