PHP :: Bug #18795 :: open_basedir does not work correctly

Bug #18795	open_basedir does not work correctly
Submitted:	2002-08-07 17:10 UTC	Modified:	2005-01-31 22:58 UTC
From:	ilia at prohost dot org	Assigned:
Status:	Not a bug	Package:	Safe Mode/open_basedir
PHP Version:	4CVS-2002-08-07	OS:	Linux 2.4.19
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !

Your email address: MUST BE VALID
Solve the problem: 40 - 38 = ?
Subscribe to this entry?

[2002-08-07 17:10 UTC] ilia at prohost dot org

open_basedir directive does not allow operation within directories owned by another users.
php.ini directives:
safe_mode on
open_basedir = /home/ilia/

/home/ilia/ is owned by ilia:ilia

test.php ( owned by ilia:ilia, run as root )
<?php
        mkdir('safe_mode1', 0755);
        mkdir('safe_mode1/safe_mode2', 0755);
?>
creation of safe_mode1 directory succeeds, however creation of 'safe_mode2' inside 'safe_mode1' fails with a safe_mode error about uids not matching.
Shouldn't open_basedir directive allow creation of files/directories anywhere above /home/ilia/ ?

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-08-07 17:39 UTC] edink@php.net

No since open_basedir is independent of safe_mode. It is safe_mode which prevents opening files with different uid.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 00:01:41 2024 UTC