php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #49351 posix_setuid/posix_seteuid/posix_setgid/posix_setegid crashed apache
Submitted: 2009-08-25 00:02 UTC Modified: 2009-09-10 01:00 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: VJTD3 at VJTD3 dot com Assigned:
Status: No Feedback Package: POSIX related
PHP Version: 5.3.0 OS: Linux
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: VJTD3 at VJTD3 dot com
New email:
PHP Version: OS:

 

 [2009-08-25 00:02 UTC] VJTD3 at VJTD3 dot com
Description:
------------
apache Apache/2.2.13:
env CFLAGS="-DBIG_SECURITY_HOLE" ./configure --enable-so && make && make install

php 5.3.0:
./configure --with-apxs2 && make && make install

-DBIG_SECURITY_HOLE allows for root startup (administrative builds for panels and such...) when this flag is used to compile apache, php will crash when posix_setuid posix_seteuid posix_setgid or posix_setegid are used to change the user/group.

Reproduce code:
---------------
<?php

 posix_seteuid(1000);
 posix_setegid(1000);
 posix_setuid(1000);
 posix_setgid(1000);

?>

(make sure you use a number that has an actual user...)

Expected result:
----------------
change to that user.

Actual result:
--------------
php and apache crash.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-08-25 06:43 UTC] jani@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

And provide a GDB backtrace if it still crashes.
 [2009-09-01 23:07 UTC] VJTD3 at VJTD3 dot com
the problem still exists, I'm not sure i can use gdb since it's a problem interfacing with apache. I'll try tonight.
 [2009-09-10 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 14 10:01:28 2024 UTC