|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73048 scandir() does not work without permission to parent folder.
Submitted: 2016-09-08 15:08 UTC Modified: 2021-06-28 13:56 UTC
Avg. Score:3.8 ± 1.3
Reproduced:4 of 4 (100.0%)
Same Version:0 (0.0%)
Same OS:2 (50.0%)
From: aj at ajhenderson dot com Assigned: cmb (profile)
Status: Not a bug Package: Directory function related
PHP Version: 7.0.10 OS: Windows
Private report: No CVE-ID: None
 [2016-09-08 15:08 UTC] aj at ajhenderson dot com
When attempting to scandir() on a folder which the user has permission to, it fails with Access is Denied (code 5) if the user does not have access to the parent directory as well.

Expected result:
Scandir should be able to scan the folder that the PHP user has permission to access.

Actual result:
Access is denied (code 5) returned.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2016-09-08 17:25 UTC]
-Status: Open +Status: Verified -Operating System: Windows Server 2012 R2 +Operating System: Windows
 [2016-09-08 17:25 UTC]
When testing, remember that NTFS has permission inheritance.
1. Create parent and child directories
2. Edit permissions on both to disable inheritance (and replace with existing inherited permissions)
3. Remove permissions on parent folder

Commands like dir (`dir parent\child`) are able to display the contents of the child directory, however commands like attrib (`attrib parent\child`) rightfully do not work. It'd be easy to say that PHP's behavior is intentional/not a bug, however if dir can do it then I'd think PHP should be able to as well.


// setup
mkdir("parent") && mkdir("parent\\child") && touch("parent\\child\\file.txt");
passthru("icacls parent /inheritance:d"); // so we can remove this user's perms
passthru("icacls parent\\child /inheritance:d"); // so it doesn't inherit parent's perms
passthru("icacls parent /remove %USERNAME%");

// works
passthru("dir parent\\child");

// does not work

// cleanup
passthru("icacls parent /grant %USERNAME%:f");
unlink("parent\\child\\file.txt") && rmdir("parent\\child") && rmdir("parent");

 [2016-09-09 23:48 UTC]
Thanks for the reproduce script, Damian!

I can't, however, reproduce scandir() failing with PHP 7.0.10 on
Windows 10 Home build 10586.545; instead running the script
produces the output in
Apparently, the permissions are set as intended, as `dir parent`
confirms ("Datei nicht gefunden"), while `dir parent\child` lists
the folder contents.
 [2016-09-10 06:15 UTC]
Interesting. I tried 7.0.10 (NTS x64) on Win10 Pro 10586.

Add a
  passthru("icacls parent");
to the end of the setup block: I get as output

Do you have anyone else listed there? That could be a difference between Home and Pro - or just a difference in our setups, of course.

Speaking of, I'm logged in as a domain user who is supposedly part of the local Administrators group.

Anyway, Process Monitor shows only a failed CreateFile for parent:

High Resolution Date & Time:	2016-09-09 22:44:21.3795403
Event Class:	File System
Operation:	CreateFile
Path:	...\parent
TID:	8444
Duration:	0.0000311
Desired Access:	Read Data/List Directory, Synchronize
Disposition:	Open
Options:	Directory, Synchronous IO Non-Alert
Attributes:	n/a
ShareMode:	Read, Write, Delete
AllocationSize:	n/a

Watching cmd, `dir parent\child` does a CreateFile directly on child.
 [2021-06-28 13:56 UTC]
-Status: Verified +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2021-06-28 13:56 UTC]
Time flies …

> Do you have anyone else listed there?

Right.  If I remove these as well, I can reproduce.

However, this is actually expected behavior (and not particularly
Windows related); all file and directory functions call
realpath(3) (actually PHP's own implementation), and that requires
permission to access all path components.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Jun 13 14:01:33 2024 UTC