#39123 [NEW]: upload_tmp_dir with trailing slash in open_basedir causes uploads to fail

phpbugs at thequod dot de · phpbugs at thequod dot de

From: phpbugs at thequod dot de
Operating system: Ubuntu Linux
PHP version: 5CVS-2006-10-11 (CVS)
PHP Bug Type: Safe Mode/open_basedir
Bug description: upload_tmp_dir with trailing slash in open_basedir causes uploads to fail

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact
that this was not necessary before - see
[url]http://bugs.php.net/38934[/url]).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning: Unknown: open_basedir
restriction in effect. File(/tmp) is not within the
allowed path(s):
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/)

in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning: File upload error -
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

--
Edit bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]
--
Try a CVS snapshot (PHP 4.4): [url]http://bugs.php.net/fix.php?id=39123&r=trysnapshot44[/url]
Try a CVS snapshot (PHP 5.2): [url]http://bugs.php.net/fix.php?id=39123&r=trysnapshot52[/url]
Try a CVS snapshot (PHP 6.0): [url]http://bugs.php.net/fix.php?id=39123&r=trysnapshot60[/url]
Fixed in CVS: [url]http://bugs.php.net/fix.php?id=39123&r=fixedcvs[/url]
Fixed in release: [url]http://bugs.php.net/fix.php?id=39123&r=alreadyfixed[/url]
Need backtrace: [url]http://bugs.php.net/fix.php?id=39123&r=needtrace[/url]
Need Reproduce Script: [url]http://bugs.php.net/fix.php?id=39123&r=needscript[/url]
Try newer version: [url]http://bugs.php.net/fix.php?id=39123&r=oldversion[/url]
Not developer issue: [url]http://bugs.php.net/fix.php?id=39123&r=support[/url]
Expected behavior: [url]http://bugs.php.net/fix.php?id=39123&r=notwrong[/url]
Not enough info: [url]http://bugs.php.net/fix.php?id=39123&r=notenoughinfo[/url]
Submitted twice: [url]http://bugs.php.net/fix.php?id=39123&r=submittedtwice[/url]
register_globals: [url]http://bugs.php.net/fix.php?id=39123&r=globals[/url]
PHP 3 support discontinued: [url]http://bugs.php.net/fix.php?id=39123&r=php3[/url]
Daylight Savings: [url]http://bugs.php.net/fix.php?id=39123&r=dst[/url]
IIS Stability: [url]http://bugs.php.net/fix.php?id=39123&r=isapi[/url]
Install GNU Sed: [url]http://bugs.php.net/fix.php?id=39123&r=gnused[/url]
Floating point limitations: [url]http://bugs.php.net/fix.php?id=39123&r=float[/url]
No Zend Extensions: [url]http://bugs.php.net/fix.php?id=39123&r=nozend[/url]
MySQL Configuration Error: [url]http://bugs.php.net/fix.php?id=39123&r=mysqlcfg[/url]

iliaa@php.net · iliaa@php.net

ID: 39123
Updated by: [email]iliaa@php.net[/email]
Reported By: phpbugs at thequod dot de
-Status: Open
+Status: Bogus
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
[url]http://www.php.net/manual/[/url] and the instructions on how to report
a bug at [url]http://bugs.php.net/how-to-report.php[/url]

Standard process for validating open_basedir applies here.

Previous Comments:
------------------------------------------------------------------------

[2006-10-11 01:44:07] phpbugs at thequod dot de

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact
that this was not necessary before - see
[url]http://bugs.php.net/38934[/url]).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning: Unknown: open_basedir
restriction in effect. File(/tmp) is not within the
allowed path(s):
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/)

in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning: File upload error -
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

------------------------------------------------------------------------

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

phpbugs at thequod dot de · phpbugs at thequod dot de

ID: 39123
User updated by: phpbugs at thequod dot de
-Summary: upload_tmp_dir with trailing slash in open_basedir
causes uploads to fail
Reported By: phpbugs at thequod dot de
-Status: Bogus
+Status: Open
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/"
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have
to add upload_tmp_dir to open_basedir for uploads to work)

Previous Comments:
------------------------------------------------------------------------

[2006-10-11 23:31:40] [email]iliaa@php.net[/email]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
[url]http://www.php.net/manual/[/url] and the instructions on how to report
a bug at [url]http://bugs.php.net/how-to-report.php[/url]

Standard process for validating open_basedir applies here.

------------------------------------------------------------------------

[2006-10-11 01:44:07] phpbugs at thequod dot de

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact
that this was not necessary before - see
[url]http://bugs.php.net/38934[/url]).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning: Unknown: open_basedir
restriction in effect. File(/tmp) is not within the
allowed path(s):
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/)

in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning: File upload error -
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

------------------------------------------------------------------------

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

judas dot iscariote at gmail dot com · judas dot iscariote at gmail dot com

ID: 39123
Comment by: judas dot iscariote at gmail dot com
Reported By: phpbugs at thequod dot de
Status: Open
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or
webserver config files will break with this change.

Previous Comments:
------------------------------------------------------------------------

[2006-10-12 02:26:56] phpbugs at thequod dot de

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/"
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have
to add upload_tmp_dir to open_basedir for uploads to work)

------------------------------------------------------------------------

[2006-10-11 23:31:40] [email]iliaa@php.net[/email]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
[url]http://www.php.net/manual/[/url] and the instructions on how to report
a bug at [url]http://bugs.php.net/how-to-report.php[/url]

Standard process for validating open_basedir applies here.

------------------------------------------------------------------------

[2006-10-11 01:44:07] phpbugs at thequod dot de

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact
that this was not necessary before - see
[url]http://bugs.php.net/38934[/url]).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning: Unknown: open_basedir
restriction in effect. File(/tmp) is not within the
allowed path(s):
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/)

in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning: File upload error -
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

------------------------------------------------------------------------

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

phpbugs at thequod dot de · phpbugs at thequod dot de

ID: 39123
User updated by: phpbugs at thequod dot de
Reported By: phpbugs at thequod dot de
Status: Open
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

While at it, please reconsider also
[url]http://bugs.php.net/38934[/url] and at least document since when
then upload_tmp_dir is needed in open_basedir.

Previous Comments:
------------------------------------------------------------------------

[2006-10-12 04:05:26] judas dot iscariote at gmail dot com

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or
webserver config files will break with this change.

------------------------------------------------------------------------

[2006-10-12 02:26:56] phpbugs at thequod dot de

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/"
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have
to add upload_tmp_dir to open_basedir for uploads to work)

------------------------------------------------------------------------

[2006-10-11 23:31:40] [email]iliaa@php.net[/email]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
[url]http://www.php.net/manual/[/url] and the instructions on how to report
a bug at [url]http://bugs.php.net/how-to-report.php[/url]

Standard process for validating open_basedir applies here.

------------------------------------------------------------------------

[2006-10-11 01:44:07] phpbugs at thequod dot de

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact
that this was not necessary before - see
[url]http://bugs.php.net/38934[/url]).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning: Unknown: open_basedir
restriction in effect. File(/tmp) is not within the
allowed path(s):
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/)

in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning: File upload error -
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

------------------------------------------------------------------------

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

iliaa@php.net · iliaa@php.net

ID: 39123
Updated by: [email]iliaa@php.net[/email]
Reported By: phpbugs at thequod dot de
-Status: Open
+Status: Bogus
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

Make sure your upload_tmp_dir is set and then it'll work.

Previous Comments:
------------------------------------------------------------------------

[2006-10-12 15:28:12] phpbugs at thequod dot de

While at it, please reconsider also
[url]http://bugs.php.net/38934[/url] and at least document since when
then upload_tmp_dir is needed in open_basedir.

------------------------------------------------------------------------

[2006-10-12 04:05:26] judas dot iscariote at gmail dot com

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or
webserver config files will break with this change.

------------------------------------------------------------------------

[2006-10-12 02:26:56] phpbugs at thequod dot de

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/"
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have
to add upload_tmp_dir to open_basedir for uploads to work)

------------------------------------------------------------------------

[2006-10-11 23:31:40] [email]iliaa@php.net[/email]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
[url]http://www.php.net/manual/[/url] and the instructions on how to report
a bug at [url]http://bugs.php.net/how-to-report.php[/url]

Standard process for validating open_basedir applies here.

------------------------------------------------------------------------

[2006-10-11 01:44:07] phpbugs at thequod dot de

Description:
------------
I have no upload_tmp_dir set, so it seems to use "/tmp".

I have added "/tmp/" to open_basedir (despite the fact
that this was not necessary before - see
[url]http://bugs.php.net/38934[/url]).

Upload in PHP_5_2 fails with:
[11-Oct-2006 03:26:35] PHP Warning: Unknown: open_basedir
restriction in effect. File(/tmp) is not within the
allowed path(s):
(/web7/:/var/www/web7/:/tmp/:/var/www/usr/local/share/php/:/usr/local/share/php/)

in Unknown on line 0
[11-Oct-2006 03:26:35] PHP Warning: File upload error -
unable to create a temporary file in Unknown on line 0

This is a regression to PHP_5_1, where it works like this!

Setting upload_tmp_dir=/tmp/ (with ending slash) fixes it
also for PHP_5_2.

Reproduce code:
---------------
Any upload form, there are two in the other bug refered above.

Expected result:
----------------
Upload works.

Actual result:
--------------
Upload does not work.

------------------------------------------------------------------------

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

phpbugs at thequod dot de · phpbugs at thequod dot de

ID: 39123
User updated by: phpbugs at thequod dot de
Reported By: phpbugs at thequod dot de
-Status: Bogus
+Status: Open
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

Yes, setting upload_tmp_dir explicitly does not cause the
problem (anymore).

But still, because the default of upload_tmp_dir is empty,
it should not bail out when detecting the upload_tmp_dir
setting.

Manually setting upload_tmp_dir to "/tmp" (without
trailing slash) allows uploading, but leaving it unset,
errors out with:
"""
PHP Warning: Unknown: open_basedir restriction in effect.
File(/tmp) is not within the allowed path(s): (/X/:/tmp/)
in Unknown on line 0
PHP Warning: File upload error - unable to create a
temporary file in Unknown on line 0
"""

To me it looks like the error gets triggered while
determining the default upload_tmp_dir setting.

I consider setting "upload_tmp_dir" explicitly as a
work-around currently, but it should not be necessary for
upgrading to 5.2 IMHO.

Previous Comments:
------------------------------------------------------------------------

[2006-10-13 02:21:22] [email]iliaa@php.net[/email]

Make sure your upload_tmp_dir is set and then it'll work.

------------------------------------------------------------------------

[2006-10-12 15:28:12] phpbugs at thequod dot de

While at it, please reconsider also
[url]http://bugs.php.net/38934[/url] and at least document since when
then upload_tmp_dir is needed in open_basedir.

------------------------------------------------------------------------

[2006-10-12 04:05:26] judas dot iscariote at gmail dot com

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or
webserver config files will break with this change.

------------------------------------------------------------------------

[2006-10-12 02:26:56] phpbugs at thequod dot de

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/"
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have
to add upload_tmp_dir to open_basedir for uploads to work)

------------------------------------------------------------------------

[2006-10-11 23:31:40] [email]iliaa@php.net[/email]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
[url]http://www.php.net/manual/[/url] and the instructions on how to report
a bug at [url]http://bugs.php.net/how-to-report.php[/url]

Standard process for validating open_basedir applies here.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
[url]http://bugs.php.net/39123[/url]

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

iliaa@php.net · iliaa@php.net

ID: 39123
Updated by: [email]iliaa@php.net[/email]
Reported By: phpbugs at thequod dot de
-Status: Open
+Status: Bogus
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

Previous Comments:
------------------------------------------------------------------------

[2006-10-13 11:27:26] phpbugs at thequod dot de

Yes, setting upload_tmp_dir explicitly does not cause the
problem (anymore).

But still, because the default of upload_tmp_dir is empty,
it should not bail out when detecting the upload_tmp_dir
setting.

Manually setting upload_tmp_dir to "/tmp" (without
trailing slash) allows uploading, but leaving it unset,
errors out with:
"""
PHP Warning: Unknown: open_basedir restriction in effect.
File(/tmp) is not within the allowed path(s): (/X/:/tmp/)
in Unknown on line 0
PHP Warning: File upload error - unable to create a
temporary file in Unknown on line 0
"""

To me it looks like the error gets triggered while
determining the default upload_tmp_dir setting.

I consider setting "upload_tmp_dir" explicitly as a
work-around currently, but it should not be necessary for
upgrading to 5.2 IMHO.

------------------------------------------------------------------------

[2006-10-13 02:21:22] [email]iliaa@php.net[/email]

Make sure your upload_tmp_dir is set and then it'll work.

------------------------------------------------------------------------

[2006-10-12 15:28:12] phpbugs at thequod dot de

While at it, please reconsider also
[url]http://bugs.php.net/38934[/url] and at least document since when
then upload_tmp_dir is needed in open_basedir.

------------------------------------------------------------------------

[2006-10-12 04:05:26] judas dot iscariote at gmail dot com

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or
webserver config files will break with this change.

------------------------------------------------------------------------

[2006-10-12 02:26:56] phpbugs at thequod dot de

I've changed the summary.
Long version:
Default for "upload_tmp_dir" has changed from "/tmp/"
to "/tmp" and uploads now fail with open_base_dir="/tmp/"!

This is a regression!

If I use "/tmp/" in open_base_dir, I expect it to also
handle accesses to the "/tmp" directory itself!

(all apart the fact that it's ridiculous to manually have
to add upload_tmp_dir to open_basedir for uploads to work)

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
[url]http://bugs.php.net/39123[/url]

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

iliaa@php.net · iliaa@php.net

ID: 39123
Updated by: [email]iliaa@php.net[/email]
Reported By: phpbugs at thequod dot de
Status: Bogus
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

Previous Comments:
------------------------------------------------------------------------

[2006-10-13 13:29:04] [email]iliaa@php.net[/email]

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

------------------------------------------------------------------------

[2006-10-13 11:27:26] phpbugs at thequod dot de

Yes, setting upload_tmp_dir explicitly does not cause the
problem (anymore).

But still, because the default of upload_tmp_dir is empty,
it should not bail out when detecting the upload_tmp_dir
setting.

Manually setting upload_tmp_dir to "/tmp" (without
trailing slash) allows uploading, but leaving it unset,
errors out with:
"""
PHP Warning: Unknown: open_basedir restriction in effect.
File(/tmp) is not within the allowed path(s): (/X/:/tmp/)
in Unknown on line 0
PHP Warning: File upload error - unable to create a
temporary file in Unknown on line 0
"""

To me it looks like the error gets triggered while
determining the default upload_tmp_dir setting.

I consider setting "upload_tmp_dir" explicitly as a
work-around currently, but it should not be necessary for
upgrading to 5.2 IMHO.

------------------------------------------------------------------------

[2006-10-13 02:21:22] [email]iliaa@php.net[/email]

Make sure your upload_tmp_dir is set and then it'll work.

------------------------------------------------------------------------

[2006-10-12 15:28:12] phpbugs at thequod dot de

While at it, please reconsider also
[url]http://bugs.php.net/38934[/url] and at least document since when
then upload_tmp_dir is needed in open_basedir.

------------------------------------------------------------------------

[2006-10-12 04:05:26] judas dot iscariote at gmail dot com

Ilia :

Can u reconsider this ? this is a BC break, and Im sure gazillions or
webserver config files will break with this change.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
[url]http://bugs.php.net/39123[/url]

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

phpbugs at thequod dot de · phpbugs at thequod dot de

ID: 39123
User updated by: phpbugs at thequod dot de
Reported By: phpbugs at thequod dot de
Status: Bogus
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

And why is it so that:
upload_tmp_dir=/tmp
open_basedir=/tmp/
works, but
open_basedir=/tmp/
does not?! (because of the trailing slash in the last
example)

Additionally, I don't believe that upload_tmp_dir is set
on most installs.

Previous Comments:
------------------------------------------------------------------------

[2006-10-13 13:29:05] [email]iliaa@php.net[/email]

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

------------------------------------------------------------------------

[2006-10-13 13:29:04] [email]iliaa@php.net[/email]

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

------------------------------------------------------------------------

[2006-10-13 11:27:26] phpbugs at thequod dot de

Yes, setting upload_tmp_dir explicitly does not cause the
problem (anymore).

But still, because the default of upload_tmp_dir is empty,
it should not bail out when detecting the upload_tmp_dir
setting.

Manually setting upload_tmp_dir to "/tmp" (without
trailing slash) allows uploading, but leaving it unset,
errors out with:
"""
PHP Warning: Unknown: open_basedir restriction in effect.
File(/tmp) is not within the allowed path(s): (/X/:/tmp/)
in Unknown on line 0
PHP Warning: File upload error - unable to create a
temporary file in Unknown on line 0
"""

To me it looks like the error gets triggered while
determining the default upload_tmp_dir setting.

I consider setting "upload_tmp_dir" explicitly as a
work-around currently, but it should not be necessary for
upgrading to 5.2 IMHO.

------------------------------------------------------------------------

[2006-10-13 02:21:22] [email]iliaa@php.net[/email]

Make sure your upload_tmp_dir is set and then it'll work.

------------------------------------------------------------------------

[2006-10-12 15:28:12] phpbugs at thequod dot de

While at it, please reconsider also
[url]http://bugs.php.net/38934[/url] and at least document since when
then upload_tmp_dir is needed in open_basedir.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
[url]http://bugs.php.net/39123[/url]

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

phpbugs at thequod dot de · phpbugs at thequod dot de

ID: 39123
User updated by: phpbugs at thequod dot de
Reported By: phpbugs at thequod dot de
Status: Bogus
Bug Type: Safe Mode/open_basedir
Operating System: Ubuntu Linux
PHP Version: 5CVS-2006-10-11 (CVS)
New Comment:

JFI: it seems to be the same with session.save_path.

Setting it explicitly to "/tmp/" helps here, too.

Previous Comments:
------------------------------------------------------------------------

[2006-10-13 19:27:27] phpbugs at thequod dot de

And why is it so that:
upload_tmp_dir=/tmp
open_basedir=/tmp/
works, but
open_basedir=/tmp/
does not?! (because of the trailing slash in the last
example)

Additionally, I don't believe that upload_tmp_dir is set
on most installs.

------------------------------------------------------------------------

[2006-10-13 13:29:05] [email]iliaa@php.net[/email]

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

------------------------------------------------------------------------

[2006-10-13 13:29:04] [email]iliaa@php.net[/email]

The error is that the "default" path is validated against
open_basedir to address earlier tempnam() vulnerability
allowing open_basedir bypass.

The solution is either to: set upload_tmp_dir (which is the
case on most installs) or to make sure that the default tmp
dir is inside the open_basedir.

------------------------------------------------------------------------

[2006-10-13 11:27:26] phpbugs at thequod dot de

Yes, setting upload_tmp_dir explicitly does not cause the
problem (anymore).

But still, because the default of upload_tmp_dir is empty,
it should not bail out when detecting the upload_tmp_dir
setting.

Manually setting upload_tmp_dir to "/tmp" (without
trailing slash) allows uploading, but leaving it unset,
errors out with:
"""
PHP Warning: Unknown: open_basedir restriction in effect.
File(/tmp) is not within the allowed path(s): (/X/:/tmp/)
in Unknown on line 0
PHP Warning: File upload error - unable to create a
temporary file in Unknown on line 0
"""

To me it looks like the error gets triggered while
determining the default upload_tmp_dir setting.

I consider setting "upload_tmp_dir" explicitly as a
work-around currently, but it should not be necessary for
upgrading to 5.2 IMHO.

------------------------------------------------------------------------

[2006-10-13 02:21:22] [email]iliaa@php.net[/email]

Make sure your upload_tmp_dir is set and then it'll work.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
[url]http://bugs.php.net/39123[/url]

--
Edit this bug report at [url]http://bugs.php.net/?id=39123&edit=1[/url]

#39123 [NEW]: upload_tmp_dir with trailing slash in open_basedir causes uploads to fail

Thread Tools

Display

#39123 [NEW]: upload_tmp_dir with trailing slash in open_basedir causes uploads to fail

Similar Questions and Discussions

#40419 [NEW]: Trailing Slash in CGI request don't work

Large file uploads fail after 6.1 to 7.0.1 upgrade

File uploads and upload_tmp_dir

trailing slash issue in Find.find

Removing Trailing Slash

#39123 [Opn->Bgs]: upload_tmp_dir with trailing slash in open_basedir causes uploads to fail

#39123 [Bgs->Opn]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Com]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Opn]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Opn->Bgs]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Bgs->Opn]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Opn->Bgs]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Bgs]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Bgs]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

#39123 [Bgs]: Default for "upload_tmp_dir" changed to "/tmp" (regression)

Posting Permissions