php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80492 CHMOD does not work
Submitted: 2020-12-07 17:30 UTC Modified: 2020-12-07 17:46 UTC
From: gilperon at gmail dot com Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 8.0.0 OS: CENTOS 7 and 8
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: gilperon at gmail dot com
New email:
PHP Version: OS:

 

 [2020-12-07 17:30 UTC] gilperon at gmail dot com
Description:
------------
This bug happens also on PHP 7.X and 8.X.

When using PHP command "chmod(filename,persmission);" on a file owned by "root", PHP will say "Operation not permitted". Alright, it looks fine, since apache runs as "apache" user.

HOWEVER I can easily use "unlink", "move_uploaded_file", "file_put_contents" and many other PHP functions on files OWNED BY ROOT and any other user.

So why cant "chmod" change the file permission of a file that other PHP functions may well EVEN DELETE OR WRITE to that file, despite being owned by another user on ther server. I can see how this isnt a bug and it took me 3 hours to get to the bottom of it cause I couldnt belive what was happening since I could easily read/write to files but weirdly, "chmod" couldnt change permission.

Test script:
---------------
chdmod(filename,0777)

Expected result:
----------------
permission should be shown

Actual result:
--------------
OPERATION NOT PERMITTED.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-12-07 17:33 UTC] peehaa@php.net
-Status: Open +Status: Not a bug
 [2020-12-07 17:33 UTC] peehaa@php.net
This is just how it works. To chmod a file you either need to be the owner or root
 [2020-12-07 17:46 UTC] gilperon at gmail dot com
peehaa@php.net what? Who says that's how it works? You? Check some example man page of chmod

https://linux.die.net/man/1/chmod

I checked others too, there is absolutetly nothing saying the permission should not be changed if the owner is not who is requesting the permission change. I AM NOT CHANGING owner, I am chaning the permission. There is no security implication since I can already delete and write to that file.

I cant see how you came to the conclusion on your own.
 [2020-12-07 18:15 UTC] dharman@php.net
Thanks for your interest in making PHP better but this is the correct behaviour. To change a file you need to have permissions or be the owner. However, to remove a file from a directory you need to have permissions for that directory or be the owner of that directory. If you have write permissions for the directory then you can remove files even ones you do not own. This is the correct behaviour of Linux systems and it is not the problem specific to PHP.
 [2020-12-07 21:20 UTC] rtrtrtrtrt at dfdfdfdf dot dfd
> Who says that's how it works?

common sense and how unix works for decades

as owner or root i can set permissions who can read, write, delete but just because i gave you write permissions you are not in the position to change the permissions itself because you are not the owner

why don't you just try to do the same on a linux shell?
you will get the same result
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Mon Jul 04 04:05:46 2022 UTC