php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #26310 open_basedir error in a dir
Submitted: 2003-11-19 03:31 UTC Modified: 2005-01-31 23:32 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: coder at paco dot net Assigned:
Status: Not a bug Package: Safe Mode/open_basedir
PHP Version: 4.3.4 OS: Solaris 8
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: coder at paco dot net
New email:
PHP Version: OS:

 

 [2003-11-19 03:31 UTC] coder at paco dot net 
Description:
------------
Strange problem with PHP 4.3.4 on Solaris

phpinfo() you can see here http://coder.paco.net/phpinfo.php
test scripts here:
http://coder.paco.net/test/err.php
http://coder.paco.net/err.php

when i try to open file (file('filename.ext')) from root dir everythig fine, but when from dir "/test" open_basedir restriction error appears.
With full path to file all ok, with ./ path also ok.

Config line: './configure' '--with-apache=../apache_1.3.27rusPL30.17' '--with-mod_charset' '--with-gd=/usr/local' '--with-mysql=/usr/local/mysql' '--with-dbase' '--enable-track-vars' '--enable-memory-limit' '--with-db3=/usr/local/BerkeleyDB.3.3' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr/local' '--with-freetype-dir=/usr/local' '--with-zlib-dir=/usr/local' '--with-dom=/usr/local' '--with-iconv=/usr/local' '--with-mnogosearch=/usr/local/mnogo'

PHP-ini: 
open_basedir	/opt/www/docs:/opt/www/udocs:/opt/www/virtual:/var/tmp/phpupload:/export/home:../:./
include_path	.:..:/usr/local/lib/php
safe_mode	Off

Reproduce code:
---------------
$file = file("/www/udocs/coder/public_html/test/read.php");
$file = file("read.php"); //error string
$file = file("./read.php");



Expected result:
----------------
I expect all files opened.

Actual result:
--------------
file('/www/udocs/coder/public_html/test/read.php'); open file from curren dir with full path
Array ( [0] => file in "test" dir )

file('read.php'); open file from curren dir

Warning: file(): open_basedir restriction in effect. File(read.php) is not within the allowed path(s): (/opt/www/docs:/opt/www/udocs:/opt/www/virtual:/var/tmp/phpupload:/export/home:../:./) in /opt/www/udocs/coder/public_html/test/err.php on line 8

Warning: file(read.php): failed to open stream: Not owner in /opt/www/udocs/coder/public_html/test/err.php on line 8

--

-- $file = file('./read.php'); open file from current dir as ./
Array ( [0] => file in "test" dir )

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-11-19 18:36 UTC] sniper@php.net 
sorry, but this is propably the dumbest way to use open_basedir..allowing ./ is pretty much same as not setting open_basedir at all:

; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
;open_basedir =
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 07:01:30 2024 UTC