php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #49620 is_writeable does not work using netshare and normal user rights
Submitted: 2009-09-22 07:52 UTC Modified: 2009-11-01 12:08 UTC
Votes:13
Avg. Score:4.5 ± 0.7
Reproduced:11 of 11 (100.0%)
Same Version:7 (63.6%)
Same OS:8 (72.7%)
From: philipp at servicemail24 dot de Assigned: pajoye (profile)
Status: Suspended Package: *Directory/Filesystem functions
PHP Version: 5.3.0 OS: win32 only - Windows XP SP2
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: philipp at servicemail24 dot de
New email:
PHP Version: OS:

 

 [2009-09-22 07:52 UTC] philipp at servicemail24 dot de
Description:
------------
PHP 5.3.0 and 5.3.1RC1 has a bug in the is_readable and is_writeable function if you execute a script with normal windows user rights.

The same test script works fine using PHP 5.2.x. Providing admin rights for the user solves the problem but this is not a long term solution for us.

All tested PHP releases are VC6 TS

PHP 5.2.10 -> OK
PHP 5.2.11 -> OK
PHP 5.3.0 -> FAILED
PHP 5.3.1RC1 -> FAILED

Reproduce code:
---------------
$folders = array(	'\\\\10.1.1.1\\share',
					'\\\\srv\\share',
					'd:/temp'
				);

foreach($folders as $folder) {

	if(@!is_readable($folder)) {
		echo('FAILED is_readable: ' . $folder . "\n");
	} else {
		echo "OK is_readable:  " . $folder . "\n";
	}

	if(@!is_writeable($folder)) {
		echo('FAILED is_writeable: ' . $folder . "\n");
	} else {
		echo "OK is_writeable:  " . $folder . "\n";
	}

	$filename = $folder . '\\test.txt';

	if(@!file_put_contents($filename, 'php test')) {
		echo('FAILED file_put_contents: ' . $filename . "\n");
	} else {
		echo "OK file_put_contents:  " . $filename . "\n";
	}
}


Expected result:
----------------
OK is_readable:  \\10.1.1.1\share
OK is_writeable:  \\10.1.1.1\share
OK file_put_contents:  \\10.1.1.1\share\test.txt
OK is_readable:  \\srv\share
OK is_writeable:  \\srv\share
OK file_put_contents:  \\srv\share\test.txt
OK is_readable:  d:/temp
OK is_writeable:  d:/temp
OK file_put_contents:  d:/temp\test.txt

Actual result:
--------------
FAILED is_readable:  \\10.1.1.1\share
FAILED is_writeable:  \\10.1.1.1\share
OK file_put_contents:  \\10.1.1.1\share\test.txt
FAILED is_readable:  \\srv\share
FAILED is_writeable:  \\srv\share
OK file_put_contents:  \\srv\share\test.txt
OK is_readable:  d:/temp
OK is_writeable:  d:/temp
OK file_put_contents:  d:/temp\test.txt

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-09-22 08:43 UTC] pajoye@php.net
Under which SAPI do you run it? CLI, FCGI or apache?

Can you try again using
http://windows.php.net/downloads/qa/test/php-5.3.2-dev-nts-Win32-VC9-x86.zip

please?
 [2009-09-22 08:58 UTC] philipp at servicemail24 dot de
php-5.3.2-dev-nts-Win32-VC9-x86 has the same problem.

I run this script using CLI (cmd.exe Terminal running php.exe)
 [2009-09-22 10:11 UTC] jani@php.net
Why did you add a comment? The link sent to you does not take you to the "Add comment page" but to the "edit your submission". Next time when someone asks for feedback, use the proper method in replying.
 [2009-09-22 14:38 UTC] pajoye@php.net
Please try http://windows.php.net/downloads/qa/test/php-5.3.2-dev-nts-Win32-VC9-x86-200909221530.zip

I have tested it successfully using various shares (and other ACL related issues).
 [2009-09-22 14:39 UTC] pajoye@php.net
@Jani
I don't use mails to reply but only the web frontend. This tracker is almost useless, there is really no need to make it even worst by polluting issues with unrelated comments :)
 [2009-09-23 07:30 UTC] philipp at servicemail24 dot de
php-5.3.2-dev-nts-Win32-VC9-x86-200909221530.zip does not help either.

The problem does not occur using samba servers. But it occurs with all windows severs I have.

I am logged in at my workstation using my normal user account with admin rights. Then I use RUNASSPC to get a cmd shell.

http://www.robotronic.de/runasspcEn.html

This is my batch file:

rem @ECHO OFF

REM = = = = = MODIFY HERE TO FIT TO YOUR PATH = = = =

SET TESTUNITPATH=D:\php\
SET TESTUNITCOMMAND=c:\php\5.3.2\php.exe test.php

SET ELSDOMAIN=localhost
SET ELSUSERNAME=testuser
SET ELSPASSWORD=testpassword

REM = = = = = DO NOT EDIT BELOW = = = = = = = = = = =

runasspc.exe  /program:"%systemroot%\system32\cmd.exe" /param:"/k %TESTUNITCOMMAND%" /executein:"%TESTUNITPATH%" /domain:"%ELSDOMAIN%" /user:"%ELSUSERNAME%" /password:"%ELSPASSWORD%"
 [2009-09-23 08:10 UTC] philipp at servicemail24 dot de
I extended my test script with further file sys related functions:

	if(@!is_dir($folder)) {
		echo('FAILED is_dir: ' . $folder . "\n");
	} else {
		echo "OK is_dir:  " . $folder . "\n";
	}

	if ($dh = @opendir($folder)) {
		closedir($dh);
		echo "OK opendir:  " . $folder . "\n";
	} else {
		echo('FAILED opendir: ' . $folder . "\n");
	}

	if(@!is_readable($folder)) {
		echo('FAILED is_readable: ' . $folder . "\n");
	} else {
		echo "OK is_readable:  " . $folder . "\n";
	}

	if(@!is_writeable($folder)) {
		echo('FAILED is_writeable: ' . $folder . "\n");
	} else {
		echo "OK is_writeable:  " . $folder . "\n";
	}

	$filename = $folder . '\\test_' . time() . '.txt';
	$content = 'php test ' . time();

	if(@!file_put_contents($filename, $content)) {
		echo('FAILED file_put_contents: ' . $filename . "\n");
	} else {
		echo "OK file_put_contents:  " . $filename . "\n";
	}

	if(@!is_readable($filename)) {
		echo('FAILED is_readable: ' . $filename . "\n");
	} else {
		echo "OK is_readable:  " . $filename . "\n";
	}

	if(@!is_writeable($filename)) {
		echo('FAILED is_writeable: ' . $filename . "\n");
	} else {
		echo "OK is_writeable:  " . $filename . "\n";
	}

	if(@!file_get_contents($filename) == $content) {
		echo('FAILED file_get_contents: ' . $filename . "\n");
	} else {
		echo "OK file_get_contents:  " . $filename . "\n";
	}

	if(@!unlink($filename)) {
		echo('FAILED unlink: ' . $filename . "\n");
	} else {
		echo "OK unlink:  " . $filename . "\n";
	}

all functions are fine expect is_readable and is_writeable:

5.3.x result:

OK is_dir:  \\10.1.1.1\share
OK opendir:  \\10.1.1.1\share
FAILED is_readable:  \\10.1.1.1\share
FAILED is_writeable: \\10.1.1.1\share
OK file_put_contents:  \\10.1.1.1\share\test_1253693124.txt
FAILED is_readable:  \\10.1.1.1\share\test_1253693124.txt
FAILED is_writeable: \\10.1.1.1\share\test_1253693124.txt
OK file_get_contents:  \\10.1.1.1\share\test_1253693124.txt
OK unlink:  \\10.1.1.1\share\test_1253693124.txt
OK is_dir:  \\srv\share
OK opendir:  \\srv\share
FAILED is_readable:  \\srv\share
FAILED is_writeable: \\srv\share
OK file_put_contents:  \\srv\share\test_1253693124.txt
FAILED is_readable:  \\srv\share\test_1253693124.txt
FAILED is_writeable: \\srv\share\test_1253693124.txt
OK file_get_contents:  \\srv\share\test_1253693124.txt
OK unlink:  \\srv\share\test_1253693124.txt

5.2.x result:
OK is_dir:  \\10.1.1.1\share
OK opendir:  \\10.1.1.1\share
OK is_readable:  \\10.1.1.1\share
OK is_writeable: \\10.1.1.1\share
OK file_put_contents:  \\10.1.1.1\share\test_1253693124.txt
OK is_readable:  \\10.1.1.1\share\test_1253693124.txt
OK is_writeable: \\10.1.1.1\share\test_1253693124.txt
OK file_get_contents:  \\10.1.1.1\share\test_1253693124.txt
OK unlink:  \\10.1.1.1\share\test_1253693124.txt
OK is_dir:  \\srv\share
OK opendir:  \\srv\share
OK is_readable:  \\srv\share
OK is_writeable: \\srv\share
OK file_put_contents:  \\srv\share\test_1253693124.txt
OK is_readable:  \\srv\share\test_1253693124.txt
OK is_writeable: \\srv\share\test_1253693124.txt
OK file_get_contents:  \\srv\share\test_1253693124.txt
OK unlink:  \\srv\share\test_1253693124.txt
 [2009-09-23 08:20 UTC] pajoye@php.net
I'm not sure to see what's the difference with your config.

Questions:

- How did you configure the share (permissions) on 10.1.1.1

- is it a different host than the test machine?

- Pls simply try using runas, I have no idea what runaspc does internally :). Or simply login using testuser

 [2009-09-23 08:44 UTC] pajoye@php.net
Please also tell me which windows you use as server and client.
 [2009-09-23 09:27 UTC] philipp at servicemail24 dot de
ok cmd.exe using runas produces the same results.

testuser is a local user account on each system with the same password. All clients / servers are in the same domain.

Clients are 

Windows XP SP2 GERMAN x86
Windows XP SP3 GERMAN x86

Tested Servers are

Windows 2003 SP2 ENGLISH x64 
- is_readable is working here
- Share Permissions test user full control
- Folder ACL test user full control

Windows 2003 SP2 ENGLISH x86
- neither is_readable nor is_writeable is working here
- Share Permissions testuser full control
- Folder ACL testuser full control

Open-E DSS Server (samba)
- everything is fine
 [2009-09-23 09:51 UTC] pajoye@php.net
hi,

Thanks for testing :)

I can reproduce the problem with 2k3. One of the ACL problem is that the SID may not match (even if the usernames are the same). The problem goes away as long as there are domain users and not users per machine.

A working example is to have a share on windows XP, with full control to everyone or read only. In both cases is_readable or is_writable will return the correct results.

However it is not certain that I can restore 5.2's behavior. 5.2 was using (_)access, which did not do any kind of ACL checks and miserably fails for 90% of the cases. Its guest was luckily working for remote shares, but that's not guaranteed to work in every situation. 5.3 and later actually relies on AccessCheck API to do real ACL checks.

I'm setting up some more test VMs to try to find a solution. Thanks again for testing, that's very helpful.

 [2009-11-01 12:05 UTC] pajoye@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/


 [2009-11-01 12:08 UTC] pajoye@php.net
I wanted to choose suspended. As it won't make it for 5.3.1.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 23:01:29 2024 UTC