PHP :: Bug #16042 :: mkdir no longer works correcrly (wrong UID)

Bug #16042	mkdir no longer works correcrly (wrong UID)
Submitted:	2002-03-13 09:26 UTC	Modified:	2002-03-13 10:23 UTC
From:	happycloud at undream dot com	Assigned:	jflemer (profile)
Status:	Not a bug	Package:	*Directory/Filesystem functions
PHP Version:	4.1.2	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	happycloud at undream dot com
New email:
PHP Version:		OS:

New Comment:

[2002-03-13 09:26 UTC] happycloud at undream dot com

ENV:
Linux 2.2.19/apache 1.3.23/ Safe mode on, latest security 
update

The following simple scripts no longer work:
<?

mkdir('/var/www/web/test/testfolder' , 0777);
mkdir('/var/www/web/test/testfolder/another', 0777);
?>
It generates: SAFE MODE Restriction in effect. ?The script 
whose uid is 48561 is not allowed to
?access /var/www/web/test/testfolder owned by uid 98 in ..

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-03-13 09:49 UTC] sander@php.net

The bug system is not the appropriate forum for asking support
questions. For a list of a range of more appropriate places to ask
for help using PHP, please visit http://www.php.net/support.php

[2002-03-13 09:57 UTC] happycloud at undream dot com

This is NOT a support question! 
We have lost 37 websites in the last few days due to a BUG 
in the security update. Come on people! I provided a 
sample script not because I need help, but because I 
thought you did. We are hacking into the php core now to 
get it running again as we are a hosting service and ALL 
AND EVERY WEBSITE USING PHP's mkdir function do not work 
because of a problem (READ BUG) with the uid setup.

[2002-03-13 10:02 UTC] mfischer@php.net

Which working version were you using prior ?

[2002-03-13 10:05 UTC] jflemer@php.net

Is it creating the first directory "testfolder", or does it fail on the first mkdir()?

[2002-03-13 10:23 UTC] rasmus@php.net

The second mkdir() will fail with a safe_mode restriction as it should.  This is not a bug.  Files or directories created by PHP when PHP is running as an Apache module will be owned by the Apache user id.  There is simply no way around that given the current state of Apache.  And the safe-mode restriction correctly restricts you from creating a directory inside a directory not owned by the same uid as the script.  The fact that it worked before was a security problem which was fixed.

If you want to be able to do something like this, you should consider using the open_basedir restriction mechanism where all these checks are done based on the base directory and anything the user does within/beneath that base directory is ok.  

Please read  http://www.php.net/manual/en/features.safe-mode.php and http://www.php.net/manual/en/configuration.php#ini.open-basedir

[2002-04-16 12:58 UTC] byg at cf1 dot ru

Actually, this is not a completely bogus claim.
Problem is really in safe_mode.c and inconvenient
limitations of safe_mode (e.g. see BUG 7204).
Mmm, I set safe_mode_include_dir to '/var/www/web'
(so I assume that uid/gid of all scripts in '/var/www/web'
should be taken in account, is it?)
But I've got the same error as here. It's a bug anyway.
Problem was sligthly reduced by safe_mode_gid and
safe_mode_include_dir.
I see the only way:
to have an optional php setting for a group (list of such groups?) which may and can to create/own PHP-scripts though
they could not in the same group as php itself.
Typical usage:
developer teams with default different groups
(project1, project2 and so on) which differ with www/apache user gid. These groups should be explicitly specified in either php.ini or on per-server basis (php_admin_value).

Has it sense?
I'm confused by possible overhead on getgrnam.

Probably it affects files: safe_mode.c, main.c, php_ini.c.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 16:01:28 2024 UTC