Bug #39073 safe_mode_include_dir not honored
Submitted: 2006-10-07 08:09 UTC Modified: 2006-10-08 00:12 UTC
From: jim at centerfuse dot net Assigned:
Status: Not a bug Package: Safe Mode/open_basedir
PHP Version: 5.1.6 OS: FreeBSD 4.11
Private report: No CVE-ID: None
 [2006-10-07 08:09 UTC] jim at centerfuse dot net
Description:
------------
Just upgraded to PHP 5.1.6, and safe_mode_include_dir doesn't appear to be honored. I'm running with safe mode = On and one directory in the include_dir. Trying to include/fopen/etc any file from that directory results in a safe mode UID restriction. phpinfo() shows that PHP is reading the correct configuration file and that it knows about safe_mode_include_dir.

Reproduce code:
---------------
//in php.ini: safe_mode_include_dir = "/usr/local/share/FUSE")

$fp = fopen('/usr/local/share/FUSE/FUSE-main.php', 'r');



Expected result:
----------------
fopen should return file pointer

Actual result:
--------------
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 1006 is not allowed to access /usr/local/share/FUSE/FUSE-main.php owned by uid 0 in /home/context/public_html/test.php on line 13

 [2006-10-07 08:10 UTC] jim at centerfuse dot net
Note, the trailing parenthesis that appears in my reproduce code after the safe_mode_include_dir is *not* present in php.ini; it was a typo.
 [2006-10-07 09:19 UTC] jim at centerfuse dot net
get_cfg_var() and ini_get() both return the correct safe_mode_include_dir, but it seems to just be ignored. Just for good measure, I also tried using a different directory altogether, but got the same results.
 [2006-10-07 19:19 UTC] jim at centerfuse dot net
This bug does not seem to affect require_once(), require(), or include(), which are still able to access the file from a different UID (as long as safe_mode_include_dir is set as it should be). However, other file operations such as file_exists and fopen fail. In the example below, note that the include() succeeds because the output does say "this is the test file".

====
CODE
====
//
// safe_mode_include_dir is /home/php_include_test
// 
// the file /home/php_include_test/test 
// simply says "this is the test file<br />"

$test_file = '/home/php_include_test/test';

include($test_file);

if ( file_exists($test_file) ) {
        echo 'Test file exists.<br />';
}
else {
        echo 'Test file does not exist<br />';
}

if ( is_readable($test_file) ) {
        echo 'Test file is readable.<br />';
}
else {
        echo 'Test file not readable<br />';
}

if ( $fp = fopen($test_file, 'r') ) {
        echo 'Test file opened for read.<br />';
        fclose($fp);
}
else {
        echo 'Test file could not be opened for read<br />';
}

=======
OUTPUT
=======
this is the test file
Test file does not exist
Test file not readable

Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 1010 is not allowed to access /home/php_include_test/test owned by uid 0 in /home/www/jim/public_html/jimtest.php on line 21

Warning: fopen(/home/php_include_test/test) [function.fopen]: failed to open stream: Inappropriate ioctl for device in /home/www/jim/public_html/jimtest.php on line 21
Test file could not be opened for read
 [2006-10-07 20:31 UTC] tony2001@php.net
The ini directive is called safe_mode_*INCLUDE*_dir.
Please read what it's used for: http://www.php.net/manual/en/features.safe-mode.php
 [2006-10-08 00:12 UTC] jim at centerfuse dot net
file_exists() had previously worked for me in safe mode, most likely because I was using PHP 5.1.4, which was subject to bug #37987 (invalid return of file_exists() in safe mode). My apologies for the bogus bug, but you can understand my confusion.
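
The distinction tony2001 points to, as an added example (not part of the thread and not PHP's own source): a simplified Python model of the safe mode decision, where the safe_mode_include_dir bypass of the UID check applies only to include/require and never to fopen(), file_exists() or is_readable(). Function names are hypothetical, the UIDs and paths are the ones from the report, the sibling directory is constructed, safe_mode_gid is ignored, and the prefix matching follows the PHP manual's note on this directive.

```python
# Simplified model of the PHP 5.1.x safe mode UID check discussed in this report.
# Added illustration only; names are hypothetical, not taken from PHP's source.

INCLUDE_OPS = {"include", "include_once", "require", "require_once"}


def in_include_dir(path, include_dirs, sep=":"):
    """True if path starts with any safe_mode_include_dir entry.

    The directive is matched as a string prefix, not as a directory name,
    so an entry without a trailing slash also covers sibling directories.
    """
    return any(p and path.startswith(p) for p in include_dirs.split(sep))


def safe_mode_allows(op, path, script_uid, owner_uid, include_dirs):
    """Decide whether safe mode lets a script perform op on path."""
    if script_uid == owner_uid:
        return True  # ordinary safe mode rule: owner of script == owner of file
    # The UID bypass is consulted only when the file is being included.
    return op in INCLUDE_OPS and in_include_dir(path, include_dirs)


def report_case():
    """Replay the second test from the report (script uid 1010, file uid 0)."""
    dirs = "/home/php_include_test"
    path = "/home/php_include_test/test"
    ops = ("include", "file_exists", "is_readable", "fopen")
    return {op: safe_mode_allows(op, path, 1010, 0, dirs) for op in ops}


def prefix_case():
    """Show why the directive should end with a slash (constructed sibling dir)."""
    sibling = "/home/php_include_testing/lib.php"
    return {
        "no_slash": in_include_dir(sibling, "/home/php_include_test"),
        "with_slash": in_include_dir(sibling, "/home/php_include_test/"),
        "intended": in_include_dir("/home/php_include_test/test",
                                   "/home/php_include_test/"),
    }


if __name__ == "__main__":
    for name, result in {**report_case(), **prefix_case()}.items():
        print(f"{name}: {result}")
```
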