From:             christian at elmerot dot se
Operating system: Debian Etch, Lenny
PHP version:      5.3.0
PHP Bug Type:     Safe Mode/open_basedir
Bug description:  safe_mode_include_dir fails

Description:
------------
With the following config options, PHP ignores the safe_mode_include_dir and
does a uid check even though the PHP file is in the safe_mode_include_dir.
This is likely still present in 5.3.1RC2.

safe_mode = On

safe_mode_include_dir = /usr/share/php

include_path = ".:/usr/share/php"

The following code:

<?php
        require_once("PEAR/Exception.php");
        echo "OK";
?>

To me it appears that PHP 5.3.x now uses a different code path to open
files, as the following patch against the function
php_plain_files_stream_opener in 5.3.0 solves the issue for us; it appears
there is no safe_mode_include_dir check although there is a safe_mode
uid check:

--- main/streams/plain_wrapper.c        2009-11-03 15:52:59.414872711 +0100
+++ main/streams/plain_wrapper.c        2009-11-03 15:52:59.420045302 +0100
@@ -988,6 +988,10 @@
                return NULL;
        }
 
+       if ((php_check_safe_mode_include_dir(path TSRMLS_CC)) == 0) {
+               return php_stream_fopen_rel(path, mode, opened_path, options);
+       }
+
        if ((options & ENFORCE_SAFE_MODE) && PG(safe_mode) &&
(!php_checkuid(path, mode, CHECKUID_CHECK_MODE_PARAM)))
                return NULL;
 
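Review bot: the added php_check_safe_mode_include_dir() test at the top of this hunk is not gated on (options & ENFORCE_SAFE_MODE) && PG(safe_mode) the way the uid check directly below it is, so it runs on every open and, whenever it returns 0, leaves the function through php_stream_fopen_rel() before any code after the uid check can run. Consider folding it into the existing condition instead, so that a match in safe_mode_include_dir skips only php_checkuid(), for example by putting php_check_safe_mode_include_dir(path TSRMLS_CC) != 0 && ahead of the !php_checkuid(...) term. The helper's return convention is not visible in this hunk, so a one-line comment stating that 0 means "path is inside safe_mode_include_dir" would make the comparison readable; the placement after the earlier return NULL check is good, since that check stays enforced for these paths.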


Reproduce code:
---------------
<?php
        require_once("PEAR/Exception.php");
        echo "OK";
?>

Expected result:
----------------
OK

Actual result:
--------------
Warning: require() [function.require]: SAFE MODE Restriction in effect.
The script whose uid is 771909 is not allowed to access
/usr/share/php/PEAR/Exception.php owned by uid 0 in
/xxxxxxxxxxxxx/peartest.php on line 2

Warning: require(/usr/share/php/PEAR/Exception.php) [function.require]:
failed to open stream: No such file or directory in
/xxxxxxxxxxxxx/peartest.php on line 2

Fatal error: require() [function.require]: Failed opening required
'PEAR/Exception.php' (include_path='.:/usr/share/php') in
/xxxxxxxxxxxxx/peartest.php on line 2

-- 
Edit bug report at http://bugs.php.net/?id=50063&edit=1