PHP :: Doc Bug #33639 :: docs for chmod re safe

docs for chmod re safe_mode

Submitted:

2005-07-11 04:09 UTC

Modified:

2005-08-30 16:20 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	0 (0.0%)

From:

crescentfreshpot at yahoo dot com

Assigned:

Status:

Closed

Package:

Documentation problem

PHP Version:

Irrelevant

OS:

SunOS

Private report:

CVE-ID:

None

View Developer Edit

[2005-07-11 04:09 UTC] crescentfreshpot at yahoo dot com

Description:
------------
Docs for chmod state:
"When safe mode is enabled, PHP checks whether the files ... you are about to operate on have the same UID (owner) as the script that is being executed"

On a shared user server with php installed as an apache module and safe_mode on, php is running as 'www'. My script script.php (owner uid = 8612) operates on myfile.txt (owner uid = 8612) with fopen() and chmod(). Only fopen works, chmod triggers a "Not owner" warning:

ls -al:
-rwxrwxrwx   1 user1   users   4427 Jul 11 02:38 script.php
-rwxrwxrwx   1 user1   users    282 Jul  8 05:13 myfile.txt

(directory holding these is:
drwxrwxrwx+  2 user1   users    512 Jul 11 02:38 public_html)

Clearly both the script and the file the script operates on have the same owner.

I know (or suspect) this is not a bug in php but rather a side effect of the apache user (www) chmod'ing a file it doesn't own. If so perhaps the docs could be updated to mention this behaviour? chmod in particular spits out a "Not owner" warning and clearly this can cause needless confusion with the above ls -al output.

Reproduce code:
---------------
script.php:
<?php
error_reporting(E_ALL);
$file = "myfile.txt";
echo "fileowner($file) = ".fileowner($file)."\n";
echo "fileowner(".basename(__FILE__).") = ".fileowner(__FILE__)."\n";

$fp = fopen($file,'r');

if(is_resource($fp)) {
	echo "fopen($file) successful\n";
	fclose($fp);
} else {
	echo "fopen($file) failed\n";
}

chmod($file,0755);
?>

Expected result:
----------------
fileowner(myfile.txt) = 8612
fileowner(script.php) = 8612
fopen(myfile.txt) successful

Actual result:
--------------
fileowner(myfile.txt) = 8612
fileowner(script.php) = 8612
fopen(myfile.txt) successful
Warning: chmod(): Not owner in /home/user1/public_html/script.php on line 15

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-07-17 11:43 UTC] dmytton@php.net

Confirmed on Fedora/Apache1/PHP5.0.4:

fileowner(myfile.txt) = 32021 
fileowner(chmod.php) = 32021 
fopen(myfile.txt) successful
Warning: chmod() [function.chmod]: Operation not permitted in /home/expanse/public_html/chmod.php on line 16

This sounds more like a chmod() bug than a doc bug to me.

[2005-08-30 16:20 UTC] vrana@php.net

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.

"The mode can be changed only by user who owns the file on most systems." added to "The current user is the user under which PHP runs." part.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Aug 04 12:00:03 2025 UTC