|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #3454 Allows access to any directory on server
Submitted: 2000-02-11 07:38 UTC Modified: 2005-03-31 16:13 UTC
From: norikd at usa dot net Assigned:
Status: Wont fix Package: Other
PHP Version: 3.0.12 OS: RedHat 5.1
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: norikd at usa dot net
New email:
PHP Version: OS:


 [2000-02-11 07:38 UTC] norikd at usa dot net
php3.ini as follows



copy("/etc/passwd","passwd");  /* this works */
$fd=fopen("passwd","r");           /* so does this */
fclose($fd);                             /* and this */

$fd=fopen("/etc/passwd","r");  /* this does is not successful */
fclose($fd);                           /* as it should not be */


So the system will allow me to copy the passwd file to a local allowd directory and then open it which bypasses the fact that I have restricted the system with open_basedir directive.



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-03-31 16:13 UTC] php-bugs at lists dot php dot net
We are sorry, but we do not support PHP 3 related problems anymore.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Jul 21 17:01:30 2024 UTC