Bug #43819 -
Submitted: 2008-01-11 14:14 UTC Modified: 2008-02-07 00:44 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: fxbois at gmail dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 5.2.5 OS: RHEL3
Private report: No CVE-ID: None
 [2008-01-11 14:14 UTC] fxbois at gmail dot com
Description:
------------
Hi,

I want to report that PHP 5.2.5 loses the local session.save_path. I set it with session_save_path() but just after, when I look at its value, it contains the master value instead of the value just set.

This happens after a short period of time. (Just after restarting apache everything works fine).

It is a big security problem in my opinion.

System :
- Red Hat Enterprise Linux ES release 3 (Taroon Update 8)
- PHP 5.2.5
- Apache/2.0.46

Reproduce code:
---------------
<?php
// master value is /home/.tmp

$new = '2;0777;web/tmp';
session_save_path($new);   // set the local value
echo session_save_path();  // read it back


Expected result:
----------------
2;0777;web/tmp

Actual result:
--------------
/home/.tmp

 [2008-01-12 17:49 UTC] fxbois at gmail dot com
I have in my php.ini file the value :
session.save_path = "/tmp"

When I try to change this value in a php script with session_save_path() 
the new value is not kept and the session.save_path still contains "/tmp".

session_save_path("2;0777;web/tmp");
error_log(session_save_path()); 
// /tmp appears instead of 2;0777;web/tmp

What is strange is that this bad behaviour only appears a few minutes after an apache restart.  

I tried many nightly builds (5.2.6) with no success. I am sure that this behaviour appeared with 5.2.5.

I can try patches if you want.

Hope this new comment will help. This bug is very very annoying on a shared server.

tia
 [2008-02-05 00:26 UTC] jani@php.net
Are you by any chance using php_admin_value / php_value anywhere in your  httpd.conf / .htaccess files? And if so, are you using those to set different session.save_path?
 [2008-02-05 08:44 UTC] fxbois at gmail dot com
I must confess that I changed all my servers because, as I said it was a serious security problem for me, and I had no feedback.

The configuration I used to have was :
1/ session.save_path in the php.ini
2/ php_admin_value session.save_path in the virtualhost
3/ use of the function session_save_path() in a script. The script is loaded for every action but sets a different path according to the URI.
 [2008-02-05 13:17 UTC] manuel at mausz dot at
Same as Bug 43677 :)
 [2008-02-05 23:54 UTC] fxbois at gmail dot com
It is so strange that such a big security issue is not dealt with seriously by a core php developer.
Manuel, thanks for your patch.
 [2008-02-07 00:44 UTC] jani@php.net
Duplicate of bug #43677

And this report is missing a proper summary too, I wonder why..?
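
A defensive check for the situation described in this report, where session_save_path() is called but the effective value stays at the configured one: read the value back and refuse to start the session on a mismatch, so session files never land in the shared directory unnoticed. This is an added example, not code from the report or from PHP itself; the helper name start_session_in() is hypothetical, and it assumes the files save handler and PHP 5.4 or later (for session_status()).

```php
<?php
/**
 * Set a per-application session directory and refuse to start the session
 * if PHP did not actually apply it. Hypothetical helper, not a PHP built-in.
 */
function start_session_in($wantedPath)
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        throw new LogicException('Session already active; save path cannot change now.');
    }

    session_save_path($wantedPath);    // same call as in the report
    $effective = session_save_path();  // read back what PHP will really use

    if ($effective !== $wantedPath) {
        // Log both values so the silent fallback described in the report
        // becomes visible in the error log.
        error_log(sprintf(
            'session.save_path not applied: wanted "%s", effective "%s"',
            $wantedPath,
            $effective
        ));
        throw new RuntimeException('Refusing to start session in an unexpected directory.');
    }

    // The files handler accepts "N;MODE;/path"; the directory is the last field.
    $pos = strrpos($effective, ';');
    $dir = ($pos === false) ? $effective : substr($effective, $pos + 1);
    if (!is_dir($dir) || !is_writable($dir)) {
        throw new RuntimeException('Session directory is not usable: ' . $dir);
    }

    session_start();
}

try {
    start_session_in('2;0777;web/tmp');  // value taken from the report
} catch (RuntimeException $e) {
    // Fail closed: no session is better than one stored in the wrong place.
    http_response_code(500);
    exit('Session storage misconfigured.');
}
```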

Last updated: Fri May 03 22:01:33 2024 UTC