From:
Operating system: Windows Server 2008 R2
PHP version: 5.3.6
Package: Filesystem function related
Bug Type: Bug
Bug description:upload_tmp_dir and permissions
Description:
------------
Hi,
I have a problem with the ini_set upload_tmp_dir. In my scenario it is
ignored and it's used the default value ("C:\Windows\Temp").
My configuration is the following:
OS: Windows Server 2008 R2 (with IIS 7.5)
php: 5.3.3 (also tried with 5.3.6). Both with fastCgi enabled (with
impersonating correctly enabled).
Main entries of the related php.ini
include_path = ".;C:\inetpub\wwwroot\MYSITE\"
upload_tmp_dir = "C:\inetpub\wwwroot\SESSION"
session.save_path = "C:\inetpub\wwwroot\SESSION"
doc_root = "C:\inetpub\wwwroot\MYSITE\"
open_basedir = "C:\inetpub\wwwroot\MYSITE\"
Permissions of the related IUSR user on the preceding folder:
Full control on "C:\inetpub\wwwroot\SESSION"
Read & Execute, List folder contents, Read on all the directory (including
all the content) "C:\inetpub\wwwroot\MYSITE"
Full control on "C:\inetpub\wwwroot\MYSITE\upload"
With the preceding configuration a warning occurs when I try to upload a
file.
The warning is related to the operations performed before moving the file
from the temporary directory to the final directory.
PHP Warning: Unknown: open_basedir restriction in effect.
File(C:\Windows\TEMP\) is not within the allowed path(s):
(C:\inetpub\wwwroot\MYSITE\) in Unknown on line 0
PHP Warning: File upload error - unable to create a temporary file in
Unknown on line 0
Because the preceding warning, I concluded that the upload_tmp_dir entry
was not correctly received by the php engine.
The php documentation
(http://www.php.net/manual/en/ini.core.php#ini.upload-tmp-dir)
says that "If the directory specified here is not writable, PHP falls back
to the system default temporary directory."
But in my case the directory was writable.
Debugging the request with Process Monitor (a Russinovich software), I've
found that the php-cgi.exe doesn't perform any operation
with the IUSR user and the following path "C:\inetpub\wwwroot\SESSION".
Only the path "C:\inetpub\wwwroot" (the parent) was checked,
with ACCESS DENIED (rightly,because the IUSR user doesn't own any
permission on that directory).
So I tried to create a new folder within the "C:\inetpub\wwwroot\SESSION"
directory with name A (path "C:\inetpub\wwwroot\SESSION\A"),
in a manner that the parent of the A directory were accessible from the
IUSR user. And I've changed the ini upload_tmp_dir with the
value "C:\inetpub\wwwroot\SESSION\A"
With this configuration it works without any warning and the file has been
correctly sent:
Main entries of the related php.ini:
include_path = ".;C:\inetpub\wwwroot\MYSITE\"
upload_tmp_dir = "C:\inetpub\wwwroot\SESSION\A"
session.save_path = "C:\inetpub\wwwroot\SESSION"
doc_root = "C:\inetpub\wwwroot\MYSITE\"
open_basedir = "C:\inetpub\wwwroot\MYSITE\"
Permissions of the related IUSR user on the preceding folder:
Full control on "C:\inetpub\wwwroot\SESSION"
Read & Execute, List folder contents, Read on all the directory (including
all the content) "C:\inetpub\wwwroot\MYSITE"
Full control on "C:\inetpub\wwwroot\MYSITE\upload"
Then I've experienced that the necessary condition of a working
upload_tmp_dir is that two requirements are satisfied:
- the user IUSR owns the writable rights on the upload_tmp_dir directory
- the user IUSR owns the List folders content right on the parent of the
upload_tmp_dir directory
I think that it isn't the desirable behaviour. Anyone of us can confirm
that?
Thanks.
--
Edit bug report at https://bugs.php.net/bug.php?id=60005&edit=1
--
Try a snapshot (PHP 5.2):
https://bugs.php.net/fix.php?id=60005&r=trysnapshot52
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=60005&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=60005&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=60005&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=60005&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=60005&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=60005&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=60005&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=60005&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=60005&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=60005&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=60005&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=60005&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=60005&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=60005&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=60005&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=60005&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=60005&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=60005&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=60005&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=60005&r=mysqlcfg
