php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #48111 unlink() does not delete symlinks without a target if open_basedir is used
Submitted: 2009-04-29 17:42 UTC Modified: 2011-04-08 18:21 UTC
Votes:10
Avg. Score:3.4 ± 1.5
Reproduced:5 of 6 (83.3%)
Same Version:3 (60.0%)
Same OS:3 (60.0%)
From: simon at stienen dot name Assigned:
Status: Open Package: Safe Mode/open_basedir
PHP Version: 5.2.9 OS: FreeBSD 7.1-RELEASE/amd64
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: simon at stienen dot name
New email:
PHP Version: OS:

 

 [2009-04-29 17:42 UTC] simon at stienen dot name
Description:
------------
unlink()ing a symlink with its target missing fails with an open_basedir error.

This might be related to
http://bugs.php.net/bug.php?id=20235 (actual deletion changed, but sanitization still uses target?) and/or
http://bugs.php.net/bug.php?id=29145 (missing target (empty string?) is considered to be outside of open_basedir?)


Reproduce code:
---------------
<?php

echo "creating link\n";
symlink('nonexisting_target', 'link');

echo "unlinking link\n";
unlink('link');

echo "creating target\n";
file_put_contents('nonexisting_target', 'foo');

echo "unlinking link (again)\n";
unlink('link');

echo "unlinking target\n";
unlink('nonexisting_target');


Expected result:
----------------
Run with php -d open_basedir=

creating link
unlinking link
creating target
unlinking link (again)

Warning: unlink(link): No such file or directory in /tmp/- on line 13
unlinking target


Actual result:
--------------
Run with php -d open_basedir=/

creating link
unlinking link

Warning: unlink(): open_basedir restriction in effect. File(link) is not within the allowed path(s): (/) in /tmp/- on line 7
creating target
unlinking link (again)
unlinking target

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-29 20:39 UTC] simon at stienen dot name
Ok, a possible solution would be to apply the open_basedir check to the parent directory instead of the file or the symlink itself.

I have implemented and slightly tested this, but please consider that my C knowledge is somewhat limited and I have almost no insight into PHPs internals, so please treat these diffs with the necessary care:

http://trashbin.slashlife.org/tmp/plain_wrapper.c.diff
http://trashbin.slashlife.org/tmp/plain_wrapper.c.-p.diff
http://trashbin.slashlife.org/tmp/plain_wrapper.c.-u.diff
 [2010-02-14 20:27 UTC] antoine dot contal+bugs dot php dot net at gmail dot com
Same issue with PHP 5.2.11.
 [2011-04-08 18:21 UTC] jani@php.net
-Package: Feature/Change Request +Package: Safe Mode/open_basedir
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Wed Aug 21 20:01:27 2019 UTC