|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #17536 safe_mode_include_dir does not work properly with symbolic links.
Submitted: 2002-05-30 20:17 UTC Modified: 2005-01-31 22:59 UTC
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (33.3%)
From: mburger at netbeyond dot de Assigned:
Status: No Feedback Package: Safe Mode/open_basedir
PHP Version: 4.2.1 OS: Linux (SuSE)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: mburger at netbeyond dot de
New email:
PHP Version: OS:


 [2002-05-30 20:17 UTC] mburger at netbeyond dot de

I think safe_mode_include_dir does not work properly with symbolic
links. Here my configuration:

<VirtualHost 134.96.x.y>
    DocumentRoot /kunden/hosting/server/

    <IfModule mod_php4.c>
        php_admin_value safe_mode 1
        php_admin_value safe_mode_exec_dir /usr/bin
        php_admin_value safe_mode_include_dir /kunden/hosting/server/

        php_admin_value open_basedir /kunden/hosting/server/

        php_admin_value upload_tmp_dir /kunden/hosting/server/

        php_admin_value include_path .:/kunden/hosting/server/

        php_admin_value error_reporting 2023


I copied





Everthing in .../sub/lib_php/. is owned by root.root, the remaining
files and dirs in .../sub/ by vs1.www

If I try to include 'System.php' I get this error:

    Warning: SAFE MODE Restriction in effect. The script whose uid is
    504 is not allowed to access
    /kunden/hosting/server/ owned by uid
    0 in /var/www/ on line 9

You should know there is a symbolic link:

    /kunden/hosting/server -> /var/www

If I change the line with safe_mode_include_dir as following
    php_admin_value safe_mode_include_dir /var/www/

the include statements works as expected.



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-24 15:50 UTC]
Please try using this CVS snapshot:
For Windows:

 [2002-11-09 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over 2 weeks, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Apr 15 07:01:28 2024 UTC