Bug #31323 session file permissions differ randomly
Submitted: 2004-12-28 17:21 UTC Modified: 2006-03-28 13:15 UTC
Votes:32
Avg. Score:4.4 ± 0.8
Reproduced:29 of 31 (93.5%)
Same Version:6 (20.7%)
Same OS:17 (58.6%)
From: julien dot mathieu at gmail dot com Assigned:
Status: No Feedback Package: Session related
PHP Version: 5.1.2, 4.3.9 OS: Linux
Private report: No CVE-ID:

 [2004-12-28 17:21 UTC] julien dot mathieu at gmail dot com
Description:
------------
Session files created by session_start always exist but randomly have different permissions (rw or r).

directory has full permissions

Sometimes files have r+w -> ok

Sometimes only r -> session_start(): 
open(/tmp/sess_a3a79ce3bd2df9289a325a206c1dfc84, O_RDWR) failed: Permission denied (13) in ... 

It's nearly a random problem but happens 25% of the time

Reproduce code:
---------------
<?php session_start();

...


 [2006-02-07 11:15 UTC] julien dot mathieu at gmail dot com
I work now with the 5.1.2 version. The problem still occurs.
 [2006-03-21 17:35 UTC] jd at godaddy dot com
We're seeing this with PHP 4.4.1 and Zend Platform v2.1.0 when using phpMyAdmin.

Check out these permissions

-rwxr-xr-x    1 nobody   nobody      15187 Mar 16 12:06 sess_0834d5863159f74b560ee4c64fab1eb5
-rwxrwxrwx    1 nobody   nobody          0 Mar 21 09:29 sess_243458755660a3b6be9cd416c67bb7e7
-rwxrwxrwx    1 nobody   nobody      15186 Mar 15 12:20 sess_435fad9a208051008e0efa69bd1d6fc7
-rwxrwxrwx    1 root     root            0 Mar 21 09:25 sess_47957086e32d77933e6fd8a1dc63e1f7
-rwx--x--T    1 nobody   nobody      15187 Mar 15 12:54 sess_7b9a5a1840f81a13e86c0ae8ced7ff7a
-rwx--x--T    1 nobody   nobody      15187 Mar 15 12:44 sess_9bedbfafd824c4a3495e7e36070daaca
-rwxr-xr-x    1 nobody   nobody      15191 Mar 13 16:55 sess_b01db0867b79aa251c20356e519cac8b
-rwx--x--T    1 nobody   nobody      15187 Mar 15 15:06 sess_ec5699d9df2be07f8c06c4676230c3de
-rwx--x--T    1 nobody   nobody      15191 Mar 15 11:47 sess_fb0e71df00e24b1b6d22b771fb4c7281
 [2006-03-21 19:02 UTC] jd at godaddy dot com
I should note that after we cleaned all of the sess_* files in /tmp, the problem seems to have gone away (at least for the moment).  Why are future PHP session file permissions being corrupted by preexisting session files?  Is there possibly a buffer overflow possible in the session files, where perhaps a corrupted session file can clobber these pages?
 [2006-03-28 13:15 UTC] mike@php.net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.


 [2006-05-22 09:20 UTC] pieter at q-go dot com
We have similar problems on Debian with PHP 5.1.2 and 5.1.4.

Sessions are all created with correct permissions, but we get the same permission denied error in 5% of the cases.

drwx-wx-wt   2 root     root     4096 May 22 11:03 .
drwxr-xr-x  27 root     root     4096 May 18 13:44 ..
-rw-------   1 www-data www-data    0 May 22 11:03 sess_11f06ca5b4701f4be8be30b275e4e51e
-rw-------   1 www-data www-data 1569 May 22 11:00 sess_1856e3c4630f074a1b0490c4792c3e53
-rw-------   1 www-data www-data    0 May 22 10:21 sess_d110fb48e440d1ec4ac610243e897c69
-rw-------   1 www-data www-data 1717 May 22 11:05 sess_f9668179e8a92714f4d9553504bdcd93

Changing the default Debian permissions on /var/lib/php5 from drwx-wx-wt to drwxrwxrwt seems to help.

I am putting this here because if the two cases are related, the problem might be more general.
 [2006-11-05 00:16 UTC] bclaydon at volved dot com
To provide further details, I am also using Debian (Sarge) with the latest 4.3.10-16 PHP4 package.

My /var/lib/php4 looks exactly as 'pieter at q-go dot com' mentioned:

drwx-wx-wt   2 root     root     4.0K 2006-11-04 18:58 ./
drwxr-xr-x  35 root     root     4.0K 2006-09-08 19:11 ../
-rw-------   1 www-data www-data   77 2006-11-04 18:58 sess_7b8da94a2febce75775d9082cd20d58d
-rw-------   1 www-data www-data  116 2006-11-04 19:05 sess_856401c969cc1d4e68b6ffd75457c743
-rw-------   1 www-data www-data  116 2006-11-04 18:58 sess_b5419618a3586b7e3b940a0eaf137fb9
-rw-------   1 www-data www-data  116 2006-11-04 19:09 sess_f7d957b726ff923b4b1f6178f8db489f


I am seeing this issue fairly frequently during usage of CakePHP framework which has fairly detailed usage of session functions.

I hope this is resolved at some point, especially if it is still open as of 5.2.0
 [2006-11-09 14:44 UTC] mg at iceni dot pl
I can confirm this bug happening on PHP 4.4.2 built as an Apache 2 (with prefork) module. It's extremely difficult to reproduce, but with a little research it seems to be somehow umask related.

The following is from strace running on an Apache process that creates the files with wrong permissions:

open("/tmp/sess_5b2929b94cf141335d0b2d1e5a38fc29", O_RDWR|O_CREAT, 0600) = 186
fstat64(186, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0

So php creates file with 600 permissions but it has only 400 in final. Note that's happening very rarely, normally file is created with 600. 

I didn't have luck tracing how and when umask is changing during request processing (probably something is changing it prior to the request, so possibly it's not even php related), but I tried to make the following very dirty workaround in ext/session/mod_files.c:

------------------------------------------------
@@ -138,6 +138,7 @@
 static void ps_files_open(ps_files *data, const char *key TSRMLS_DC)
 {
        char buf[MAXPATHLEN];
+       mode_t orig_mask;

        if (data->fd < 0 || !data->lastkey || strcmp(key, data->lastkey)) {
                if (data->lastkey) {
@@ -156,8 +157,10 @@

                data->lastkey = estrdup(key);

+               orig_mask = umask(0);
                data->fd = VCWD_OPEN_MODE(buf, O_CREAT | O_RDWR | O_BINARY, 0600);
-
+               umask(orig_mask);
+
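Review bot: umask(0) around the VCWD_OPEN_MODE call in the second hunk changes process-wide state, so anything else in the process that creates a file between "orig_mask = umask(0);" and "umask(orig_mask);" (another thread on a threaded server) gets no mask at all. The requested mode is already 0600, so calling fchmod(data->fd, 0600) after a successful open would set the intended bits on this descriptor only and leave the umask untouched. The patch also does not help for session files that already exist with 0400, since O_CREAT applies the mode only when the file is created, and it leaves whatever altered the umask unidentified.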
------------------------------------------------
No matter how ugly it is - it seems to do the job and session files with wrong permissions are no longer created (this workaround is probably a bad idea on threaded servers though).
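The strace result in the comment above (mode 0600 requested, 0400 on disk) can be reproduced outside PHP. The following is an added example, not code from PHP or from the commenter: it assumes a umask of 0222 as one mask that clears the owner-write bit, uses a constructed temp-file name, and shows that a per-descriptor fchmod() restores 0600 without changing the umask.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a fresh file the way the strace shows (O_RDWR|O_CREAT, 0600) while
 * the process umask is `mask`; optionally repair the mode with fchmod().
 * Returns the resulting permission bits, or (mode_t)-1 on error.
 * The temp-file template is a constructed path, not PHP's session path. */
static mode_t created_mode(mode_t mask, int repair)
{
    char path[] = "/tmp/sess_demo_XXXXXX";
    struct stat st;
    mode_t result = (mode_t)-1;

    int tmp = mkstemp(path);           /* reserve a unique name ... */
    if (tmp < 0)
        return result;
    close(tmp);
    unlink(path);                      /* ... then free it so O_CREAT applies the mode */

    mode_t saved = umask(mask);        /* process-wide, like the umask PHP inherits */
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    umask(saved);
    if (fd < 0)
        return result;

    /* fchmod() acts on this descriptor only and ignores the umask */
    if (repair && fchmod(fd, 0600) != 0)
        goto out;
    if (fstat(fd, &st) == 0)
        result = st.st_mode & 07777;
out:
    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    printf("umask 0022        -> %04o\n", (unsigned)created_mode(0022, 0));
    printf("umask 0222        -> %04o\n", (unsigned)created_mode(0222, 0));
    printf("umask 0222+fchmod -> %04o\n", (unsigned)created_mode(0222, 1));
    return 0;
}
```

A file left at 0400 is what makes a later open(..., O_RDWR) by the same unprivileged user fail with "Permission denied (13)".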
 [2008-08-12 16:21 UTC] linus dot norton at assertis dot co dot uk
I have also encountered this twice on redhat running apache 2.2.6 and php 5.2.6.

Why has this been closed? No feedback was requested, then the ticket is just closed saying no feedback has been given.
 [2009-03-31 14:47 UTC] prikid at gmail dot com
We are experiencing similar problem with php 5.2.6 on freebsd and red hat linux
 [2009-09-08 17:56 UTC] maciejsliwa at op dot pl
I have the same problem with O_RDWR; it happened in 20% of usage. It's strange, because with the same configuration, but on a different computer, it works fine.
Computer on which I have problems:
Notebook HP 6153ea dualcore 1,66Ghz
Windows XP Media Center Edition
PHP 5.3.0
server Apache

Server was installed by EasyPHP 2.0

The second computer, whose configuration is identical, is
AMD Athlon 1Ghz
Windows XP Professional
PHP 5.3.0
server Apache
and on this one it works fine

[Tue Sep 08 19:44:37 2009] [error] [client 127.0.0.1] PHP Warning:  session_start() [<a href='function.session-start'>function.session-start</a>]: open(C:\\DOCUME~1\\Maciek\\LOCALS~1\\Temp\\\\sess_jcje64e16gqqtpktra8jndo990, O_RDWR) failed: Permission denied (13) in C:\\Program Files\\EasyPHP3_1\\www\\Magazyn\\magazynMain.php on line 3, referer: http://127.0.0.1/Magazyn/magazyn.php
 [2010-07-07 14:46 UTC] yanusdnd at inbox dot ru
Yes, I've got the same problem. Rebooting helped for the first 2 or 3 requests and then again r-- --- ---. You can see that at aquafaq.ru.
First time - OK but all others FAIL: Warning: session_start() [function.session-start]: open(/var/lib/php5/sess_d81882c054eff34d32ae1b247bb64f84, O_RDWR) failed: Permission denied (13) in
 [2010-09-28 12:22 UTC] marc at iacomputing dot co dot uk
This problem still exists in 5.2.9.

Sessions are being created with -rw------- permissions. 

The session is being created on the first site and then when a user visits
another site on the same server with a different IP address the server is trying
to use the same session file but cannot access it.

Running WHM 11.26.8 &
CENTOS 5.5 x86_64 standard

Sites have different IP addresses.

Strangely the problem does not exist when users visit WWW.domainname.co.uk
first. It only occurs when users first visit the site without the "www".

So when they visit the second site secure.domainname.co.uk after visiting 
domainname.co.uk. They cannot write to their session files on the server.
 
Last updated: Fri Apr 18 18:01:58 2014 UTC