Bug #17162 unlink() bypasses safe_mode
Submitted: 2002-05-12 10:38 UTC Modified: 2002-05-12 11:46 UTC
From: ilia at prohost dot org Assigned:
Status: Not a bug Package: Scripting Engine problem
PHP Version: 4.2.0 OS: Linux 2.4.18
Private report: No CVE-ID: None
 [2002-05-12 10:38 UTC] ilia at prohost dot org
The unlink() function can be used to delete files that the user does not have permission to delete.

Ex.

touch test;
ls -l test;
-rw-r--r--   1 forum    forum           0 May 12 10:33 test

ls -l a.php
-rw-rw-rw-   1 www      www            35 May 12 10:33 a.php
a.php:
<?php unlink('test'); ?>

After a.php is run via the web, the file test is GONE!

 [2002-05-12 10:40 UTC] ilia at prohost dot org
I forgot to add, the webserver runs as user/group "www".
 [2002-05-12 10:41 UTC] derick@php.net
This has nothing to do with file permissions, update summary

Derick
 [2002-05-12 11:46 UTC] rasmus@php.net
Also not a bug, you can unlink files in directories you own.  In this case "directories you own" means a directory owned by the user id that owns the current script.
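
Added example, not part of the original report or of PHP's source: a model of the directory rule rasmus states, next to the ordinary POSIX rule that unlink() is decided by the parent directory and never by the file's own mode. The uids (www=33, forum=1001), the `St` stand-in and all function names are constructed for illustration, and only the directory-ownership rule quoted in the thread is modelled for safe_mode.

```python
import os
import stat
from collections import namedtuple

# Minimal stand-in for os.stat_result so constructed cases need no real files.
St = namedtuple("St", "st_mode st_uid st_gid")
Verdict = namedtuple("Verdict", "os_allows safe_mode_allows")

def dir_writable(d, uid, gids):
    """True if uid has write+search on directory d, judged from mode bits only
    (uid 0 and ACLs are not modelled)."""
    shift = 6 if d.st_uid == uid else 3 if d.st_gid in gids else 0
    return ((d.st_mode >> shift) & 0o3) == 0o3

def unlink_verdict(d, f, proc_uid, proc_gids, script_uid):
    """d, f: stat data of the parent directory and of the file to remove."""
    os_ok = dir_writable(d, proc_uid, proc_gids)
    if os_ok and d.st_mode & stat.S_ISVTX:
        # Sticky directory: only the file's or the directory's owner may unlink.
        os_ok = proc_uid in (f.st_uid, d.st_uid)
    # Directory rule as stated in the thread; the file's own mode bits
    # play no part in either check.
    return Verdict(os_ok, d.st_uid == script_uid)

def verdict_for_path(path, proc_uid, proc_gids, script_uid):
    """Same check against a real file, using os.stat on its parent directory."""
    parent = os.path.dirname(os.path.abspath(path))
    return unlink_verdict(os.stat(parent), os.lstat(path),
                          proc_uid, proc_gids, script_uid)

# Constructed uids: www=33 (web server and owner of a.php), forum=1001.
WWW, FORUM = 33, 1001
TEST_FILE = St(stat.S_IFREG | 0o644, FORUM, FORUM)   # -rw-r--r-- forum forum

if __name__ == "__main__":
    cases = {
        "dir owned by www, 0755": St(stat.S_IFDIR | 0o755, WWW, WWW),
        "dir owned by forum, 0755": St(stat.S_IFDIR | 0o755, FORUM, FORUM),
        "dir owned by forum, 0777": St(stat.S_IFDIR | 0o777, FORUM, FORUM),
        "dir owned by forum, 1777": St(stat.S_IFDIR | 0o1777, FORUM, FORUM),
    }
    for name, d in cases.items():
        print(name, unlink_verdict(d, TEST_FILE, WWW, {WWW}, WWW))
```

The 0777 case is the one where the two checks disagree: the operating system would let the web server remove the file, and the directory-ownership rule is what refuses it.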
Last updated: Sat Sep 06 17:00:01 2025 UTC