#38799 [Fbk->Opn]: open_basedir broken
ID: 38799 User updated by: chrysalis at chrysalisnet dot org Reported By: chrysalis at chrysalisnet dot org -Status: Feedback +Status: Open Bug Type: PHP options/info functions Operating System: freebsd 6.x and 5.x PHP Version: 4.4.4 New Comment: its now working with both zend optimiser and eaccelerator and the local basedir value enabled in httpd.conf. I turned off caching to disk in eaccelerator which means its flushed on every apache restart, I guess the problem may have been a cached copy of the script or just some freak occurance. I will disable the disk caching on the 2nd machine as well (this happening on 2 different servers but setup same way) and see if that fixes it for that machine. Previous Comments: [2006-09-14 08:21:08] [EMAIL PROTECTED] So, does it work for you now? [2006-09-13 20:20:10] chrysalis at chrysalisnet dot org ok the httpd.conf removed [2006-09-13 20:17:28] [EMAIL PROTECTED] Yes, only php.ini, no php_admin_* directives. [2006-09-13 20:16:43] chrysalis at chrysalisnet dot org ok this is now working I apologise as I remember doing this before and there was still a problem, I will leave the modules disabled until you are ready or for an hour or so. [2006-09-13 20:14:40] chrysalis at chrysalisnet dot org ok the modules are now disabled, its already set in php.ini I believed this is just for the master value? Or do you want it completely removed from the vhost container so there is only a master value? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38799 -- Edit this bug report at http://bugs.php.net/?id=38799&edit=1
#38799 [Fbk->Opn]: open_basedir broken
ID: 38799 User updated by: chrysalis at chrysalisnet dot org Reported By: chrysalis at chrysalisnet dot org -Status: Feedback +Status: Open Bug Type: PHP options/info functions Operating System: freebsd 6.x and 5.x PHP Version: 4.4.4 New Comment: ok the httpd.conf removed Previous Comments: [2006-09-13 20:17:28] [EMAIL PROTECTED] Yes, only php.ini, no php_admin_* directives. [2006-09-13 20:16:43] chrysalis at chrysalisnet dot org ok this is now working I apologise as I remember doing this before and there was still a problem, I will leave the modules disabled until you are ready or for an hour or so. [2006-09-13 20:14:40] chrysalis at chrysalisnet dot org ok the modules are now disabled, its already set in php.ini I believed this is just for the master value? Or do you want it completely removed from the vhost container so there is only a master value? [2006-09-13 20:08:37] [EMAIL PROTECTED] And please disable (temporarily) eAccelerator and all other modules which affect PHP functionality. [2006-09-13 20:07:28] [EMAIL PROTECTED] What if you set it in php.ini instead of httpd.conf? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38799 -- Edit this bug report at http://bugs.php.net/?id=38799&edit=1
#38799 [Fbk->Opn]: open_basedir broken
ID: 38799 User updated by: chrysalis at chrysalisnet dot org Reported By: chrysalis at chrysalisnet dot org -Status: Feedback +Status: Open Bug Type: PHP options/info functions Operating System: freebsd 6.x and 5.x PHP Version: 4.4.4 New Comment: ok the modules are now disabled, its already set in php.ini I believed this is just for the master value? Or do you want it completely removed from the vhost container so there is only a master value? Previous Comments: [2006-09-13 20:08:37] [EMAIL PROTECTED] And please disable (temporarily) eAccelerator and all other modules which affect PHP functionality. [2006-09-13 20:07:28] [EMAIL PROTECTED] What if you set it in php.ini instead of httpd.conf? [2006-09-13 19:58:08] chrysalis at chrysalisnet dot org ok here is info your requested include("/etc/passwd"); is the exact line I used in the php file, this generates the following in the apache error_log for the vhost. [Wed Sep 13 20:51:48 2006] [error] PHP Warning: main() [function.main]: open_basedir restriction in effect. File(/etc/passwd) is not within the allowed path(s): (/home/chrysalis/:/tmp/:/var/www/:/var/uebimiau:/usr/local/lib/php/:/etc/virtual/:/usr/uebimiau) in /home/chrysalis/domains/chrysalisnet.org/public_html/exploit.php on line 17 [Wed Sep 13 20:51:48 2006] [error] PHP Warning: main(/etc/passwd) [function.main]: failed to open stream: Operation not permitted in /home/chrysalis/domains/chrysalisnet.org/public_html/exploit.php on line 17 this indicates to me open_basedir is in effect as its generating the correct log entry but then the /etc/passwd is displayed in the browser window. in phpinfo I get the following data for open_basedir local value. open_basedir /home/chrysalis/:/tmp/:/var/www/:/var/uebimiau:/usr/local/lib/php/:/etc/virtual/:/usr/uebimiau master value is the same with 1 extra dir /etc/awstats url temporarily up for your conveniance http://www.chrysalisnet.org/phpinfo.php the master value is set in php.ini the local value is set in a vhost container in httpd.conf using "php_admin_value open_basedir" I checked the exact same script on php 5.1.5 which has the same php settings other then php 5 specific settings and works as it should, I am about to try with php 4.4.3 to see if that has the same behaviour. [2006-09-13 19:36:33] [EMAIL PROTECTED] What you said is just "include "/etc/passwd" displays the contents of this file". Why do you think open_basedir is even set? What is the value? Where did you set it? How did you set it? What is the value in phpinfo()? Did you check it with other files? I'll add more questions afterwards. [2006-09-13 19:02:46] chrysalis at chrysalisnet dot org what other information do you need? its a very simple bug and easy to test, the only think I havent done that is on the how to report page is tested the cvs version. when I submitted the report I was told to add a 'brief' description of the problem so for that reason it wasnt detailed, then I was asked to provide the code that you can test with also provided and finally the php version and os version both supplied. apache version is 1.3.37 php reccomended ini file used changes were open base dir and zone optimiser and eaccelerator, however tried with both zend optimiser and eaccelerator and the behaviour remained. mysql version 4.1.x but this is just basic php code no database involved. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38799 -- Edit this bug report at http://bugs.php.net/?id=38799&edit=1
#38799 [Fbk->Opn]: open_basedir broken
ID: 38799 User updated by: chrysalis at chrysalisnet dot org Reported By: chrysalis at chrysalisnet dot org -Status: Feedback +Status: Open Bug Type: PHP options/info functions Operating System: freebsd 6.x and 5.x PHP Version: 4.4.4 New Comment: ok here is info your requested include("/etc/passwd"); is the exact line I used in the php file, this generates the following in the apache error_log for the vhost. [Wed Sep 13 20:51:48 2006] [error] PHP Warning: main() [function.main]: open_basedir restriction in effect. File(/etc/passwd) is not within the allowed path(s): (/home/chrysalis/:/tmp/:/var/www/:/var/uebimiau:/usr/local/lib/php/:/etc/virtual/:/usr/uebimiau) in /home/chrysalis/domains/chrysalisnet.org/public_html/exploit.php on line 17 [Wed Sep 13 20:51:48 2006] [error] PHP Warning: main(/etc/passwd) [function.main]: failed to open stream: Operation not permitted in /home/chrysalis/domains/chrysalisnet.org/public_html/exploit.php on line 17 this indicates to me open_basedir is in effect as its generating the correct log entry but then the /etc/passwd is displayed in the browser window. in phpinfo I get the following data for open_basedir local value. open_basedir /home/chrysalis/:/tmp/:/var/www/:/var/uebimiau:/usr/local/lib/php/:/etc/virtual/:/usr/uebimiau master value is the same with 1 extra dir /etc/awstats url temporarily up for your conveniance http://www.chrysalisnet.org/phpinfo.php the master value is set in php.ini the local value is set in a vhost container in httpd.conf using "php_admin_value open_basedir" I checked the exact same script on php 5.1.5 which has the same php settings other then php 5 specific settings and works as it should, I am about to try with php 4.4.3 to see if that has the same behaviour. Previous Comments: [2006-09-13 19:36:33] [EMAIL PROTECTED] What you said is just "include "/etc/passwd" displays the contents of this file". Why do you think open_basedir is even set? What is the value? Where did you set it? How did you set it? What is the value in phpinfo()? Did you check it with other files? I'll add more questions afterwards. [2006-09-13 19:02:46] chrysalis at chrysalisnet dot org what other information do you need? its a very simple bug and easy to test, the only think I havent done that is on the how to report page is tested the cvs version. when I submitted the report I was told to add a 'brief' description of the problem so for that reason it wasnt detailed, then I was asked to provide the code that you can test with also provided and finally the php version and os version both supplied. apache version is 1.3.37 php reccomended ini file used changes were open base dir and zone optimiser and eaccelerator, however tried with both zend optimiser and eaccelerator and the behaviour remained. mysql version 4.1.x but this is just basic php code no database involved. [2006-09-13 08:02:35] [EMAIL PROTECTED] Not enough information was provided for us to be able to handle this bug. Please re-read the instructions at http://bugs.php.net/how-to-report.php If you can provide more information, feel free to add it to this bug and change the status back to "Open". Thank you for your interest in PHP. [2006-09-13 01:16:30] chrysalis at chrysalisnet dot org Description: open_basedir is not working on include eg. include("/etc/passwd");, displays the appropriate denied in error log but doesnt actually block the code and can access files outside of open_basedir. Reproduce code: --- Expected result: a blank page as what happens on php 5.1.5 Actual result: -- it displays the full contents of the /etc/passwd file. -- Edit this bug report at http://bugs.php.net/?id=38799&edit=1
#38799 [Fbk->Opn]: open_basedir broken
ID: 38799 User updated by: chrysalis at chrysalisnet dot org Reported By: chrysalis at chrysalisnet dot org -Status: Feedback +Status: Open Bug Type: PHP options/info functions Operating System: freebsd 6.x and 5.x PHP Version: 4.4.4 New Comment: what other information do you need? its a very simple bug and easy to test, the only think I havent done that is on the how to report page is tested the cvs version. when I submitted the report I was told to add a 'brief' description of the problem so for that reason it wasnt detailed, then I was asked to provide the code that you can test with also provided and finally the php version and os version both supplied. apache version is 1.3.37 php reccomended ini file used changes were open base dir and zone optimiser and eaccelerator, however tried with both zend optimiser and eaccelerator and the behaviour remained. mysql version 4.1.x but this is just basic php code no database involved. Previous Comments: [2006-09-13 08:02:35] [EMAIL PROTECTED] Not enough information was provided for us to be able to handle this bug. Please re-read the instructions at http://bugs.php.net/how-to-report.php If you can provide more information, feel free to add it to this bug and change the status back to "Open". Thank you for your interest in PHP. [2006-09-13 01:16:30] chrysalis at chrysalisnet dot org Description: open_basedir is not working on include eg. include("/etc/passwd");, displays the appropriate denied in error log but doesnt actually block the code and can access files outside of open_basedir. Reproduce code: --- Expected result: a blank page as what happens on php 5.1.5 Actual result: -- it displays the full contents of the /etc/passwd file. -- Edit this bug report at http://bugs.php.net/?id=38799&edit=1