php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #48111 unlink() does not delete symlinks without a target if open_basedir is used
Submitted: 2009-04-29 17:42 UTC Modified: 2021-05-21 12:05 UTC
Votes:12
Avg. Score:3.3 ± 1.4
Reproduced:7 of 8 (87.5%)
Same Version:3 (42.9%)
Same OS:3 (42.9%)
From: simon at stienen dot name Assigned: cmb (profile)
Status: Wont fix Package: Safe Mode/open_basedir
PHP Version: 5.2.9 OS: FreeBSD 7.1-RELEASE/amd64
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: simon at stienen dot name
New email:
PHP Version: OS:

 

 [2009-04-29 17:42 UTC] simon at stienen dot name 
Description:
------------
unlink()ing a symlink with its target missing fails with an open_basedir error.

This might be related to
http://bugs.php.net/bug.php?id=20235 (actual deletion changed, but sanitization still uses target?) and/or
http://bugs.php.net/bug.php?id=29145 (missing target (empty string?) is considered to be outside of open_basedir?)


Reproduce code:
---------------
<?php

echo "creating link\n";
symlink('nonexisting_target', 'link');

echo "unlinking link\n";
unlink('link');

echo "creating target\n";
file_put_contents('nonexisting_target', 'foo');

echo "unlinking link (again)\n";
unlink('link');

echo "unlinking target\n";
unlink('nonexisting_target');


Expected result:
----------------
Run with php -d open_basedir=

creating link
unlinking link
creating target
unlinking link (again)

Warning: unlink(link): No such file or directory in /tmp/- on line 13
unlinking target


Actual result:
--------------
Run with php -d open_basedir=/

creating link
unlinking link

Warning: unlink(): open_basedir restriction in effect. File(link) is not within the allowed path(s): (/) in /tmp/- on line 7
creating target
unlinking link (again)
unlinking target

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-29 20:39 UTC] simon at stienen dot name 
Ok, a possible solution would be to apply the open_basedir check to the parent directory instead of the file or the symlink itself.

I have implemented and slightly tested this, but please consider that my C knowledge is somewhat limited and I have almost no insight into PHPs internals, so please treat these diffs with the necessary care:

http://trashbin.slashlife.org/tmp/plain_wrapper.c.diff
http://trashbin.slashlife.org/tmp/plain_wrapper.c.-p.diff
http://trashbin.slashlife.org/tmp/plain_wrapper.c.-u.diff
 [2010-02-14 20:27 UTC] antoine dot contal+bugs dot php dot net at gmail dot com 
Same issue with PHP 5.2.11.
 [2011-04-08 18:21 UTC] jani@php.net
-Package: Feature/Change Request +Package: Safe Mode/open_basedir
 [2021-05-21 12:05 UTC] cmb@php.net
-Status: Open +Status: Wont fix -Assigned To: +Assigned To: cmb
 [2021-05-21 12:05 UTC] cmb@php.net 
> Ok, a possible solution would be to apply the open_basedir check
> to the parent directory instead of the file or the symlink itself.

Well, that would require special casing for unlinking symlinks,
which was rejected for bug #29145.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 01:01:30 2024 UTC