|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2009-02-13 00:13 UTC] jani@php.net
[2009-02-20 01:00 UTC] php-bugs at lists dot php dot net
[2012-11-07 22:46 UTC] nick at all-it dot ru
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sat Apr 20 00:01:27 2024 UTC |
Description: ------------ PHP Function is_writable() sometimes reports false results. Requirements: Linux - getuid() != geteuid() After inspection of PHP source, I realized, that is_writable() internally uses syscall access(2). In turn, access(2) man page (on Linux) says: The check is done with the calling process’s real UID and GID, rather than with the effective IDs as is done when actually attempting an operation. This is to allow set-user-ID programs to easily determine the invoking user’s authority. Reproduce code: --------------- <? $file = "testfile.txt"; echo "GetUID: " . posix_getuid() . "/" . posix_geteuid() . "<br />"; echo "file is writable " . (is_writable($file)?"TRUE":"FALSE") . "<br />"; fopen("testfile.txt", 'wt'); echo ("file created"); ?> Expected result: ---------------- Expected result: either: file is writable TRUE file created or file is writable FALSE ERROR Actual result: -------------- GetUID: 933/10099 file is writable FALSE file created