php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #23674 PHP thinks it is root
Submitted: 2003-05-17 19:06 UTC Modified: 2003-05-18 08:39 UTC
From: cryo at diku dot dk Assigned:
Status: Not a bug Package: PHP options/info functions
PHP Version: 4.3.1 OS: Linux (kernel 2.4.20, gcc 3.2.2)
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: cryo at diku dot dk
New email:
PHP Version: OS:

 

 [2003-05-17 19:06 UTC] cryo at diku dot dk
When running apache as usual, ie. started as root and 
with configuration directives User apache and Group 
apache, the parent apache process continues to run as 
root, as per the apache manual.

When invoking any of the get_myuid, get_mygid etc. 
functions however, they always return 0 ie. the root 
user, which is what the parent process runs under. If 
you try to perform any file operation however, it is 
clear that PHP is really NOT root, since it fails 
unless the file is owned or accessible by the apache 
user or group.

This has a serious impact on safe_mode, as php then 
checks every file you work with if it's owned by root. 
Finding that it isn't, it aborts the operation. If it 
IS owned by root, then apache goes ahead and fails with 
permission denied, since PHP is still not root and 
never will be.

I made a PHP script which first displayed the 
getmyuid() and getmygid() values, and then (using back 
pings) ran a program which printed out its own uid, 
gid, euid and egid. The result:

Running as 0/0 (user root).
Results from iddump:

          User id : 81
          Group id: 81
Effective user id : 81
Effective group id: 81

uid/gid 81 would be the apache user/group. I guess the 
bug is somewhat caused by the parent process of apache 
running as root:root, but then again, as is also 
evident when performing file operations, PHP really is 
NOT running as the user/group it thinks.

My apache info:
Server Version: Apache/1.3.27 (Unix)  (Gentoo/Linux) 
mod_ssl/2.8.14 OpenSSL/0.9.6i PHP/4.3.1

My PHP configuration is as follows:
./configure' '--prefix=/usr' '--with-bz2' '--enable-
ftp' '--enable-force-cgi-redirect' '--enable-discard-
path' '--enable-mime-magic' '--enable-wddx' '--enable-
dbase' '--with-zlib=yes' '--with-iconv' '--enable-
bcmath' '--enable-sysvsem' '--enable-exif' '--enable-
sysvshm' '--enable-sockets' '--enable-calendar' '--
enable-trans-sid' '--enable-safe-mode' '--enable-
versioning' '--enable-track-vars' '--enable-inline-
optimization' '--with-config-file-path=/etc/php4' '--
host=i686-pc-linux-gnu' '--without-readline' '--with-
pam' '--with-gettext' '--with-openssl' '--with-gdbm=/
usr' '--with-db3=/usr' '--with-mysql=/usr' '--with-
jpeg-dir=/usr' '--with-pspell' '--with-png-dir=/usr' 
'--with-zlib' '--with-zlib-dir=/usr/lib' '--with-exec-
dir=/usr/bin' '--with-apxs=/usr/sbin/apxs' '--with-xml' 
'--with-dom' '--with-mcrypt' '--with-mhash' '--disable 
posix-threads'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-05-18 08:39 UTC] sniper@php.net
This script:

<?php                                                                                         
        
echo getmyuid(); 
echo "<br>";
echo getmygid();

?>

Outputs:

501
501

(user/group: nobody)

So you're just doing something wrong.
And in any case not possibly a PHP bug..

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 26 20:01:29 2024 UTC