php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #34957 PHP5 ignores any kind of ACL including FS ACL, AFS ACL or trustees (PHP4 works)
Submitted: 2005-10-22 16:55 UTC Modified: 2005-10-22 19:37 UTC
From: cunha17 at gmail dot com Assigned:
Status: Closed Package: Filesystem function related
PHP Version: 5CVS-2005-10-22 (CVS) OS: debian sarge kernel 2.6
Private report: No CVE-ID:
 [2005-10-22 16:55 UTC] cunha17 at gmail dot com
Description:
------------
This bug only exists at PHP5 branch. PHP4 works just fine.
This patch which was provided by jr@terragate.net fixes these bugs:
  - Bug #14923 is_readable, is_writable, is_executable fail on POSIX ACL based filesystems (this bug is ancient and is fixed in PHP4 branch, but not fixed on PHP5 branch - regression test problems ?)
  - Bug #30931 is_writable() and is_readable() return false when access is permit (this bug is marked as no feedback so that's why I opened this bug report)
  - This bug report itself

Reproduce code:
---------------
<?php
$file = "test.php";
echo $file.' is '.(is_readable($file) ? '' : 'NOT ')."readable!<br>\n";
echo $file.' is '.(is_writable($file) ? '' : 'NOT ')."writable!<br>\n";
?>

The POSIX ACL on test.php:
$ getfacl test.php
# file: test.php
# owner: root
# group: root
user::rw-
user:swishe:rwx
group::---
mask::rwx
other::---


Expected result:
----------------
Logged in as user swishe and using PHP CLI:

host:/var$ php test.php
test.php is readable!<br>
test.php is writable!<br>


Actual result:
--------------
Logged in as user swishe and using PHP CLI:

host:/var$ php test.php
test.php is NOT readable!<br>
test.php is NOT writable!<br>

Here is the patch provided by jr@terragate.net at Bug #30931 which fixes this problem. I tested it over XFS and AFS. 

Index: ext/standard/filestat.c
===================================================================
RCS file: /repository/php-src/ext/standard/filestat.c,v
retrieving revision 1.137
diff -u -r1.137 filestat.c
--- ext/standard/filestat.c     23 Aug 2005 12:53:23 -0000      1.137
+++ ext/standard/filestat.c     22 Oct 2005 14:06:23 -0000
@@ -543,6 +543,7 @@
 #define IS_LINK_OPERATION(__t) ((__t) == FS_TYPE || (__t) == FS_IS_LINK || (__t) == FS_LSTAT)
 #define IS_EXISTS_CHECK(__t) ((__t) == FS_EXISTS  || (__t) == FS_IS_W || (__t) == FS_IS_R || (__t) == FS_IS_X || (__t) == FS_IS_FILE || (__t) == FS_IS_DIR || (__t) == FS_IS_LINK)
 #define IS_ABLE_CHECK(__t) ((__t) == FS_IS_R || (__t) == FS_IS_W || (__t) == FS_IS_X)
+#define IS_ACCESS_CHECK(__t) (IS_ABLE_CHECK(type) || (__t) == FS_EXISTS)

 /* {{{ php_stat
  */
@@ -552,6 +553,7 @@
                *stat_size, *stat_atime, *stat_mtime, *stat_ctime, *stat_blksize, *stat_blocks;
        struct stat *stat_sb;
        php_stream_statbuf ssb;
+       char * local_path;
        int flags = 0, rmask=S_IROTH, wmask=S_IWOTH, xmask=S_IXOTH; /* access rights defaults to other */
        char *stat_sb_names[13]={"dev", "ino", "mode", "nlink", "uid", "gid", "rdev",
                              "size", "atime", "mtime", "ctime", "blksize", "blocks"};
@@ -559,7 +561,21 @@
        if (!filename_length) {
                RETURN_FALSE;
        }
-
+#ifndef NETWARE
+       if (IS_ACCESS_CHECK(type) &&
+               !php_stream_locate_url_wrapper(filename, &local_path, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC)) {
+               switch(type) {
+                       case FS_EXISTS:
+                               RETURN_BOOL(access(local_path, F_OK) == 0);
+                       case FS_IS_W:
+                               RETURN_BOOL(access(local_path, W_OK) == 0);
+                       case FS_IS_X:
+                               RETURN_BOOL(access(local_path, X_OK) == 0);
+                       case FS_IS_R:
+                               RETURN_BOOL(access(local_path, R_OK) == 0);
+               }
+       }
+#endif
        if (IS_LINK_OPERATION(type)) {
                flags |= PHP_STREAM_URL_STAT_LINK;
        }


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-10-22 19:10 UTC] wez@php.net
Fixed in CVS; will be present in PHP 5.1 and up.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sun Apr 20 08:02:33 2014 UTC