|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #53263 Allow realpath cache to function even with open_basedir enabled
Submitted: 2010-11-08 14:17 UTC Modified: 2019-11-14 15:34 UTC
Avg. Score:3.6 ± 1.0
Reproduced:10 of 15 (66.7%)
Same Version:0 (0.0%)
Same OS:6 (60.0%)
From: Assigned:
Status: Wont fix Package: Safe Mode/open_basedir
PHP Version: 5.3.3 OS: *
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2010-11-08 14:17 UTC]
As described in bug #52312 - realpath cache is disabled when open_basedir is enabled. Would it be possible to either:

1) Fix the security problem related to having both enabled at the same time
2) Add a php.ini or ./configure toggle to enable both at the same time, overriding the security aspect in order to gain performance.



asdf (last revision 2023-03-13 17:08 UTC by jose dot lainez at se dot gob dot hn)

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-11-08 17:44 UTC]
I don't think the security problem is fixable.  We have no way to prevent the contents behind a cache entry from changing which is the root of the security problem.  And I don't see the point in open_basedir if you remove the security aspect.  The less secure toggle is to simply turn off open_basedir.  An open_basedir feature that doesn't actually guarantee that users can't open files outside of the specified base directory isn't useful.
 [2019-11-14 11:38 UTC] michael dot vorisek at email dot cz
Is the cache issue related only when the PHP process is resused for multiple requests with different open_basedir values?

If yes, an extra switch makes 100% sense. The security is 100% kept and realpath cache will be available which makes up too 10x the performace on Windows with file heavy scripts.
 [2019-11-14 15:34 UTC]
-Status: Open +Status: Wont fix
 [2019-11-14 15:34 UTC]
@michael: It applies to one request as well as it does multiple requests. One script could, during its lifetime, create and resolve a symlink to a path within open_basedir, then redirect that symlink to a path outside it.

In the interests of having one fewer open tickets regarding open_basedir performance, and since #52312 is still open, I'm going to wontfix this per @rasmus's comment.
 [2019-11-14 15:38 UTC] retertertert at fgfgfg dot com
> One script could, during its lifetime, create and 
> resolve a symlink to a path within open_basedir, 
> then redirect that symlink to a path outside it

i wonder how it will do that with disable_functions="symlink" which is global and known at startup and with all exec&freinds also in disbale_functions
 [2019-11-14 15:42 UTC] retertertert at fgfgfg dot com
and if you don't want to implement that check give sensile people which know their environment a ini-option instead disable the realpath cache *hardcoded* based on another ini-option with no chance to say "dear php runtime: look i disabled the race-condition with symlinks and hence the cache is fine, use it"

or fix symlink() to now allow "then redirect that symlink to a path outside it" which would close the issue where it happens instead work around it
 [2020-09-01 10:59 UTC] fuco809 at gmail dot com

why such a soltion can not be integrated as option in php core?
 [2023-03-13 17:08 UTC] jose dot lainez at se dot gob dot hn
The following patch has been added/updated:

Patch Name: asdf
Revision:   1678727334
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Wed Sep 27 09:01:24 2023 UTC