Professional Web Applications Themes

#25753 [Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files - PHP Development

ID: 25753 Updated by: [email]sniperphp.net[/email] Reported By: [email]sniperphp.net[/email] Status: Critical Bug Type: Apache related Operating System: * PHP Version: 4CVS, 5CVS New Comment: We do not know what causes this bug or how it can be reliably reproduced. If you know exactly HOW this can be reproduced, add the information here. Any other comments will be deleted. Previous Comments: ------------------------------------------------------------------------ [2003-10-04 09:22:05] mazurek at shw-networks dot de Hi Sniper, do you have any plan, what causes this errors? Do you want me to test the newest RC1? What can I do to help you solving the Problems ? Our customers ...

  1. #1

    Default #25753 [Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files

    ID: 25753
    Updated by: [email]sniperphp.net[/email]
    Reported By: [email]sniperphp.net[/email]
    Status: Critical
    Bug Type: Apache related
    Operating System: *
    PHP Version: 4CVS, 5CVS
    New Comment:

    We do not know what causes this bug or how it can be reliably
    reproduced. If you know exactly HOW this can be reproduced, add the
    information here. Any other comments will be deleted.



    Previous Comments:
    ------------------------------------------------------------------------

    [2003-10-04 09:22:05] mazurek at shw-networks dot de

    Hi Sniper,

    do you have any plan, what causes this errors? Do you want me to test
    the newest RC1?
    What can I do to help you solving the Problems ? Our customers are
    getting very unhappy.(because of the open basedir errors).

    Do you need access to our Systems ? This Bug seems to be very hard to
    reproduce, because it never appears diretly after an apache restart.

    Daniel

    ------------------------------------------------------------------------

    [2003-10-04 00:48:12] [email]sniperphp.net[/email]

    Description:
    ------------
    If (for example) one virtualhost configuration has
    set "php_admin_flag register_globals off", in some situations the
    setting persists between requests.
    -> php.ini settings are NOT reset between requests.

    1. php.ini has register_globals = On
    2. Request is made into [url]www.foobar.com[/url]
    (which has "php_admin_flag register_globals off")
    3. Next request (same apache child) is made into [url]www.barfoo.com[/url] (which
    does not have the setting)

    This applies to ALL php.ini directives.

    Some related reports:

    bug #6374 (include_path in .htaccess across multiple vhosts)
    bug #7174 (Round-robin -like values for include_path)
    bug #19292 (Random error: open_basedir restriction..)
    bug #21564 (corrupted paths coming to open_basedir)
    bug #23462 ("php_admin_value open_basedir" in httpd.conf)
    bug #23580 (Random values for include_path)
    bug #24282 (Strange Open Base Dir Restriction Errors)
    bug #24974 (random open_basedir errors)
    bug #25172 ($HTTP_HOST sometimes empty)

    For all who think they're experiencing this problem:
    DO NOT add any comments here unless you have some extra information to
    give which is not already given in above mentioned reports.
    Any comment which has no extra value will be deleted.




    ------------------------------------------------------------------------


    --
    Edit this bug report at [url]http://bugs.php.net/?id=25753&edit=1[/url]
    sniper@php.net Guest

  2. #2

    Default #25753 [Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files

    ID: 25753
    Updated by: net
    Reported By: net
    Status: Critical
    Bug Type: Apache related
    Operating System: *
    PHP Version: 4CVS, 5CVS
    New Comment:

    Try the following patch:
    http://bb.prohost.org/ap_bug.txt


    Previous Comments:
    ------------------------------------------------------------------------

    [2003-11-28 10:11:31] joris at ideeel dot nl

    We experience this problem, but different PHP programs are differently
    susceptible to it
    problem: extra slashes before quotation marks (\" instead of ")
    vulnerable: PHPsysinfo & PHPnuke
    not vulnerable: Squirrelmail, phpBB, phpMyAdmin
    Tested on RH73 standard setup.

    joris

    ------------------------------------------------------------------------

    [2003-11-28 10:07:31] blitzer at cutery dot fi

    A workaround I did seems to work until this is fixed: make php.ini
    automatically prepend a .php file that will reload the variables from
    the .ini file.

    ------------------------------------------------------------------------

    [2003-11-08 12:38:07] simon at implix dot com

    We have a similar problem.

    We've got overlapping virtualhosts (as they
    are required for one of our application)
    and sometimes PHP returns register_globals = Off,
    even though = On is set in php.ini.

    We are using php 4.3.4 + apache 2.0.48.

    The problem doesn't exist when we use
    php 4.3.1.

    ------------------------------------------------------------------------

    [2003-10-30 09:35:44] fs at nessus dot at

    no thats false.
    this bug occours on apache 1.3.x too (tested it with 1.3.27).
    i think thats very essential...

    greetings,

    Florian Schicker
    www.nessus.at

    ------------------------------------------------------------------------

    [2003-10-28 04:13:33] mattias at segerdahl dot info

    This bug only appears when and if you have overlapping virtualhosts in
    apache2. Using fqdn's that have IN A or CNAME to an ipaddress on the
    server seems to fix it.

    This is only an observation that seems to have gotten rid of the
    problem for me.

    // bad2da

    ------------------------------------------------------------------------

    The remainder of the comments for this report are too long. To view
    the rest of the comments, please view the bug report online at
    http://bugs.php.net/25753

    --
    Edit this bug report at http://bugs.php.net/?id=25753&edit=1
    iliaa@php.net Guest

  3. #3

    Default #25753 [Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files

    ID: 25753
    Updated by: net
    Reported By: net
    Status: Critical
    Bug Type: Apache related
    Operating System: *
    PHP Version: 4CVS, 5CVS
    New Comment:

    Regarding Bug #26810
    We are currently testing the suggested patch on two of our "troubled"
    servers to see if it resolves our problem.
    However the only way to get results from our tests is if our customers
    do not report more errors, so I'll report back in a week or so :)

    We are using Apache 1.3.28 and Apache 1.3.29 on the two servers, see
    more in Bug #26810


    Previous Comments:
    ------------------------------------------------------------------------

    [2003-12-22 17:47:26] dkh-php at nighttide dot net

    This appears suspiciously similar to the bug I opened in 24248, only
    mention it here so that it can be included at the list of related
    reports.

    ------------------------------------------------------------------------

    [2003-12-04 15:49:20] net

    Try the following patch:
    http://bb.prohost.org/ap_bug.txt

    ------------------------------------------------------------------------

    [2003-10-30 09:35:44] fs at nessus dot at

    no thats false.
    this bug occours on apache 1.3.x too (tested it with 1.3.27).
    i think thats very essential...

    greetings,

    Florian Schicker
    www.nessus.at

    ------------------------------------------------------------------------

    [2003-10-28 04:13:33] mattias at segerdahl dot info

    This bug only appears when and if you have overlapping virtualhosts in
    apache2. Using fqdn's that have IN A or CNAME to an ipaddress on the
    server seems to fix it.

    This is only an observation that seems to have gotten rid of the
    problem for me.

    // bad2da

    ------------------------------------------------------------------------

    [2003-10-22 04:01:39] mattias at segerdahl dot info

    Sniper,

    I accidently ran into this bug a few moments ago. I talked to Derick
    about it in the channel and we agreed I would do some testing. There
    are some particular strange behaviour.

    I will try to explain as well as include the files needed to reproduce
    this error. But first let me point out one thing that I find really
    weird.

    This only occurs when the apache server has not been accessed for a
    while, if you reload the page directly after you've encountered this
    error message, it will work perfectly.

    The error message is:

    Warning: Unknown(): open_basedir restriction in effect.
    File(/var/www/users.bitcom.se/index.php) is not within the allowed
    path(s): (/var/www/www.sol.se) in Unknown on line 0
    Warning: Unknown(/var/www/users.bitcom.se/index.php): failed to open
    stream: Operation not permitted in Unknown on line 0
    Warning: (null)(): Failed opening '/var/www/users.bitcom.se/index.php'
    for inclusion (include_path='.:/usr/local/php//lib/php') in Unknown on
    line 0

    My php.ini file http://www.segerdahl.info/25753/php.ini
    My httpd.conf file http://www.segerdahl.info/25753/httpd.conf

    Server version: Apache/2.0.47
    Server built: Oct 20 2003 18:39:21

    PHP 4.3.4RC4 configured as:

    './configure' '--with-apxs2=/usr/local/httpd/bin/apxs'
    '--enable-mbstring' '--with-pear' '--with-mysql'
    '--enable-magic-quotes' '--with-ftp' '--sysconfdir=/etc/php'
    '--with-config-file-path=/etc/php' '--prefix=/usr/local/php/'
    '--enable-mbstring' '--with-curl' '--enable-ftp'

    APACHE configured as:
    ../configure --sysconfdir=/etc/httpd/conf --enable-ssl
    --prefix=/usr/local/httpd --enable-modules=dso,most

    Contact me on efnet if you need more information... // bad2da

    ------------------------------------------------------------------------

    The remainder of the comments for this report are too long. To view
    the rest of the comments, please view the bug report online at
    http://bugs.php.net/25753

    --
    Edit this bug report at http://bugs.php.net/?id=25753&edit=1
    tomsommer@php.net Guest

  4. #4

    Default #25753 [Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files

    ID: 25753
    Updated by: net
    Reported By: net
    Status: Critical
    Bug Type: Apache related
    Operating System: *
    PHP Version: 4CVS, 5CVS
    New Comment:

    Installing the patch resulted in a massive amount of errors from
    apache, all looking like:
    [notice] child pid 10072 exit signal Segmentation fault (11)

    .... about 10 of these per. second

    Eventually resulting in the apache server crashing.
    Requesting revised patch :)


    Previous Comments:
    ------------------------------------------------------------------------

    [2004-01-07 07:11:27] net

    Regarding Bug #26810
    We are currently testing the suggested patch on two of our "troubled"
    servers to see if it resolves our problem.
    However the only way to get results from our tests is if our customers
    do not report more errors, so I'll report back in a week or so :)

    We are using Apache 1.3.28 and Apache 1.3.29 on the two servers, see
    more in Bug #26810

    ------------------------------------------------------------------------

    [2003-12-22 17:47:26] dkh-php at nighttide dot net

    This appears suspiciously similar to the bug I opened in 24248, only
    mention it here so that it can be included at the list of related
    reports.

    ------------------------------------------------------------------------

    [2003-12-04 15:49:20] net

    Try the following patch:
    http://bb.prohost.org/ap_bug.txt

    ------------------------------------------------------------------------

    [2003-10-30 09:35:44] fs at nessus dot at

    no thats false.
    this bug occours on apache 1.3.x too (tested it with 1.3.27).
    i think thats very essential...

    greetings,

    Florian Schicker
    www.nessus.at

    ------------------------------------------------------------------------

    [2003-10-28 04:13:33] mattias at segerdahl dot info

    This bug only appears when and if you have overlapping virtualhosts in
    apache2. Using fqdn's that have IN A or CNAME to an ipaddress on the
    server seems to fix it.

    This is only an observation that seems to have gotten rid of the
    problem for me.

    // bad2da

    ------------------------------------------------------------------------

    The remainder of the comments for this report are too long. To view
    the rest of the comments, please view the bug report online at
    http://bugs.php.net/25753

    --
    Edit this bug report at http://bugs.php.net/?id=25753&edit=1
    tomsommer@php.net Guest

Similar Threads

  1. #25753 [Com]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
    By mazurek at shw-networks dot de in forum PHP Development
    Replies: 22
    Last Post: February 23rd, 11:51 AM
  2. #6374 [Csd]: include_path in .htaccess accross multiple vhosts
    By sniper@php.net in forum PHP Development
    Replies: 2
    Last Post: January 28th, 07:32 PM
  3. Replies: 0
    Last Post: October 4th, 04:58 AM
  4. Replies: 0
    Last Post: October 4th, 04:51 AM
  5. Use of php_value in .htaccess is not working
    By Jr in forum PHP Development
    Replies: 0
    Last Post: September 4th, 07:40 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139