PHP :: Bug #17169 :: include_path allows bypass of safe

Bug #17169	include_path allows bypass of safe_mode
Submitted:	2002-05-12 19:16 UTC	Modified:	2002-07-16 09:34 UTC
From:	ilia at prohost dot org	Assigned:
Status:	Closed	Package:	Performance problem
PHP Version:	4.2.0	OS:	Linux 2.4.18
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	ilia at prohost dot org
New email:
PHP Version:		OS:

New/Additional Comment:

[2002-05-12 19:16 UTC] ilia at prohost dot org

By setting include_path setting to any directory readable to the webserver it is possible to read files from the directory regardless of safe_mode limitations.

Ex.
<?php
      ini_set('include_path', '/etc/');
      include('passwd');
?>

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-05-13 03:35 UTC] sitnikov at infonet dot ee

I has test this on 4.1.2 & 4.2.0 and it not work for me.

[2002-05-20 12:42 UTC] mfischer@php.net

Is this still an issue or just a configuraion/whatever problem?

[2002-07-16 09:34 UTC] jflemer@php.net

Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php

Works in 4.2.1. Put an
echo "Safe mode: " . ini_get('safe_mode');
in there, and make sure the script isn't owned by the same user as /etc/passwd.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri May 03 00:01:31 2024 UTC