|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #29840 [PATCH] is_executable() does not honor safe_mode_exec_dir setting
Submitted: 2004-08-25 18:06 UTC Modified: 2008-02-15 08:31 UTC
Avg. Score:4.3 ± 0.9
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:3 (100.0%)
From: markus at cultcom dot de Assigned:
Status: Closed Package: Safe Mode/open_basedir
PHP Version: 5CVS, 4CVS (2005-01-04) OS: *
Private report: No CVE-ID: None
 [2004-08-25 18:06 UTC] markus at cultcom dot de
Seems to be a common problem nobody complains about...
"is_executable()" does not work in safe_mode!

Some PHP-Projects check for sendmail using this function and don't work in safe_mode even if sendmail acutally IS executable (i.e. PEAR: Mail.php).

is_executable() should at least honor the safe_mode_exec_dir directive!

Reproduce code:
if( is_executable( "/usr/sbin/sendmail" ) ) {
   print ("no probs!\n");
else {
   print ("this really sucks!\n");

Try with PHP/CGI and suexec + safe_mode
where example-UID != sendmail-UID

Expected result:
true, what else?

Actual result:


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-08-12 01:00 UTC]
Please try this patch:
(with the latest snapshot/CVS).
 [2005-12-05 11:17 UTC]
Any news on this?

Would appreciate this patch in PHP4 and PHP5
 [2005-12-19 18:17 UTC]
tony2001: 2 words for you: Just commit! :)
 [2006-12-09 16:01 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sat Jun 03 04:03:39 2023 UTC