PHP :: Bug #17162 :: unlink() bypasses safe

Bug #17162	unlink() bypasses safe_mode
Submitted:	2002-05-12 10:38 UTC	Modified:	2002-05-12 11:46 UTC
From:	ilia at prohost dot org	Assigned:
Status:	Not a bug	Package:	Scripting Engine problem
PHP Version:	4.2.0	OS:	Linux 2.4.18
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	ilia at prohost dot org
New email:
PHP Version:		OS:

New Comment:

[2002-05-12 10:38 UTC] ilia at prohost dot org

unlink() function can be used to delete files that user does not have permissions to delete.

Ex.

touch test;
ls -l test;
-rw-r--r--   1 forum    forum           0 May 12 10:33 test

ls -l a.php
-rw-rw-rw-   1 www      www            35 May 12 10:33 a.php
a.php:
<?php unlink('test'); ?>

after a.php is run via the web the file test is GONE!

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-05-12 10:40 UTC] ilia at prohost dot org

I forgot to add, the webserver runs as user/group "www".

[2002-05-12 10:41 UTC] derick@php.net

This has nothing to do with file permissions, update summary

Derick

[2002-05-12 11:46 UTC] rasmus@php.net

Also not a bug, you can unlink files in directories you own.  In this case "directories you own" means a directory owned by the user id that owns the current script.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Sep 07 08:00:02 2025 UTC