PHP :: Bug #39123 :: Default for "upload_tmp_dir" changed to "/tmp" (regression)

Bug #39123

Default for "upload_tmp_dir" changed to "/tmp" (regression)

Submitted:

2006-10-11 01:44 UTC

Modified:

2007-01-19 18:08 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

phpbugs at thequod dot de

Assigned:

Status:

Not a bug

Package:

Safe Mode/open_basedir

PHP Version:

5CVS-2006-10-11 (CVS)

OS:

Ubuntu Linux

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	phpbugs at thequod dot de
New email:
PHP Version:		OS:

New Comment:

[2006-10-11 01:44 UTC] phpbugs at thequod dot de

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact 
that this was not necessary before - see 
http://bugs.php.net/38934).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning:  Unknown: open_basedir 
restriction in effect. File(/tmp) is not within the 
allowed path(s): 
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/) 
in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning:  File upload error - 
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it 
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-10-11 23:31 UTC] iliaa@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Standard process for validating open_basedir applies here.

[2006-10-12 02:26 UTC] phpbugs at thequod dot de

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/" 
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also 
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have 
to add upload_tmp_dir to open_basedir for uploads to work)

[2006-10-12 04:05 UTC] judas dot iscariote at gmail dot com

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or webserver config files will break with this change.

[2006-10-12 15:28 UTC] phpbugs at thequod dot de

While at it, please reconsider also 
http://bugs.php.net/38934 and at least document since when 
then upload_tmp_dir is needed in open_basedir.

[2006-10-13 02:21 UTC] iliaa@php.net

Make sure your upload_tmp_dir is set and then it'll work.

[2006-10-13 11:27 UTC] phpbugs at thequod dot de

Yes, setting upload_tmp_dir explicitly does not cause the 
problem (anymore).

But still, because the default of upload_tmp_dir is empty, 
it should not bail out when detecting the upload_tmp_dir 
setting.

Manually setting upload_tmp_dir to "/tmp" (without 
trailing slash) allows uploading, but leaving it unset, 
errors out with:
"""
PHP Warning:  Unknown: open_basedir restriction in effect. 
File(/tmp) is not within the allowed path(s): (/X/:/tmp/) 
in Unknown on line 0
PHP Warning:  File upload error - unable to create a 
temporary file in Unknown on line 0
"""

To me it looks like the error gets triggered while 
determining the default upload_tmp_dir setting.

I consider setting "upload_tmp_dir" explicitly as a 
work-around currently, but it should not be necessary for 
upgrading to 5.2 IMHO.

[2006-10-13 13:29 UTC] iliaa@php.net

The error is that the "default" path is validated against 
open_basedir to address earlier tempnam() vulnerability 
allowing open_basedir bypass. 

The solution is either to: set upload_tmp_dir (which is the 
case on most installs) or to make sure that the default tmp 
dir is inside the open_basedir.

[2006-10-13 13:29 UTC] iliaa@php.net

The error is that the "default" path is validated against 
open_basedir to address earlier tempnam() vulnerability 
allowing open_basedir bypass. 

The solution is either to: set upload_tmp_dir (which is the 
case on most installs) or to make sure that the default tmp 
dir is inside the open_basedir.

[2006-10-13 19:27 UTC] phpbugs at thequod dot de

And why is it so that:
 upload_tmp_dir=/tmp
 open_basedir=/tmp/
works, but
 open_basedir=/tmp/
does not?! (because of the trailing slash in the last 
example)

Additionally, I don't believe that upload_tmp_dir is set 
on most installs.

[2007-01-19 18:08 UTC] phpbugs at thequod dot de

JFI: it seems to be the same with session.save_path.

Setting it explicitly to "/tmp/" helps here, too.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Apr 02 21:01:29 2025 UTC