php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7204 Safe mode prevents normal operations with files
Submitted: 2000-10-14 08:21 UTC Modified: 2000-10-18 06:03 UTC
From: byg at d7 dot ru Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: 4.0.3 OS: Linux
Private report: No CVE-ID: None
 [2000-10-14 08:21 UTC] byg at d7 dot ru
Hello!

Safe mode prevents normal operations with files, e.g.:
====================
<?
//if (copy("/home/tmp/test4.html", "/home/byg/f1/main/tpic/test4.html"))
/*if (!file_exists($fn)) echo "NOT FOUND $fn<br>\n";
if (file_exists($fn)) echo "FOUND $fn<br>\n";
if (copy($fn, "/home/byg/f1/main/tpic/test4.html"))
 echo "OK";
else
 echo "BAD";*/
//include "/home/byg/homepage/testy.inc";
?>
====================
it prints "FOUND phpVtC860" and "BAD".

More general case:
<?
if (!copy(somefile, anothefile)) echo "Error";
?>

this script will print "Error" if "somefile" has been
uploaded or just belongs to a uid different with uid of
running script. Quote log file:
=================
[14-Oct-2000 18:15:09] PHP Warning:  SAFE MODE Restriction in effect.  The script whose uid is 100 is not allowed to access /home/tmp/phpVtC860 owned by uid 9000 in /home/byg/homepage/testy.inc on line 5
=================

I think there is nothing wrong in my setup when
there are Apache-pseudo-user and web-development user with
different uids. Essentially, I cannot allow apache pseudo-user to own neither HTML files nor PHP-scripts.
But this is the cause of quoted message and failures of
copy function.

I think something wrong in algorithm of
PHPAPI int php_checkuid(const char *fn, char *fopen_mode, int mode), 'cos I didn't catch sense of the following
checking:
=============
        if (duid == (uid=php_getuid())) return(1);
        else {
              php_error(E_WARNING, "SAFE MODE Restriction in effect.  The script whose uid is %ld is not allowed to access %s owned by uid %ld",uid,fn,duid);
                return(0);
=============
when change this for return(1) all seems to be OK.
What sense in having the same uid owns php-scripts and
is web-user?

Loaded Modules
mod_php4, mod_setenvif, mod_auth, mod_access, mod_alias,
mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir,
mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime,
mod_log_config, mod_env, mod_charset, http_core

php.ini from distribution except the following lines:
safe_mode               =       On
safe_mode_protected_env_vars=LD_LIBRARY_PATH,REQUEST_URI,PHP_SELF
auto_prepend_file,error logging settings,upload_tmp_dir

WBR, Yury Bokhoncovich.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-10-18 06:03 UTC] stas@php.net
The whole point of safe_mode it to prevent access to files not owned by owner of the script. If you don't want it, turn off the safe mode. 
 [2002-04-04 00:16 UTC] byg at d7 dot ru
Upcoming 4.2 has a few cool features to avoid given problem:
safe_mode_gid
safe_mode_include_dir

Combination of those allows:
1) to enable safe_mode
2) to have different uid(s)/gid(s) for web-server and for web-developers (pretty usefule for hosting and dev-groups)
3) still to restrict access to certain areas

Thanx, folks.
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Sun Jan 23 16:03:48 2022 UTC