sborrill at precedence dot co dot uk #1
#40326 [NEW]: Can't open file from cwd if parent folder not readable
From: sborrill at precedence dot co dot uk
Operating system: NetBSD 3.1_STABLE
PHP version: 5.2.0
PHP Bug Type: Streams related
Bug description: Can't open file from cwd if parent folder not readable
Description:
------------
With PHP versions prior to 5.2.0 (e.g. 5.1.6), you could fopen() a file in
the current working directory (i.e. same as the script) even if a parent
directory only had +x permission and not +rx for the webserver. With 5.2.0
(and today's 5.2 snapshot) you get "Warning: fopen(file) [function.fopen]:
failed to open stream: No such file or directory [...]".
If it's of any relevance, with all versions, getcwd() returns FALSE on
NetBSD if a parent folder is not readable, but this does not affect
fopen().
This is affecting any user whose home area is mode 0711 when they run php
from their public_html folder (which is mode 0755).
Reproduce code:
---------------
Ensuring ownership is not same as web server process (e.g. in public_html
in user's home area):
mkdir one
mkdir one/two
chmod 711 one
chmod 755 one/two
echo "test" > one/two/testfile
one/two/index.php contains:
<?php
echo "cwd:".getcwd()."<br>";
$fp=fopen("testfile","r");
if($fp) fpassthru($fp);
?>
Stage one:
chmod 711 one
Stage two:
chmod 755 one
Expected result:
----------------
(stage one):
cwd:
test
(stage two)
cwd: /home/testuser/public_html
test
Actual result:
--------------
(stage 1):
cwd:
Warning: fopen(file) [function.fopen]: failed to open stream: No such file
or directory [...]
(stage two)
cwd: /home/testuser/public_html
test
sborrill at precedence dot co dot uk Guest
-
tony2001@php.net #2
#40326 [Opn->Fbk]: Can't open file from cwd if parent folder not readable
ID: 40326
Updated by: [email]tony2001@php.net[/email]
Reported By: sborrill at precedence dot co dot uk
-Status: Open
+Status: Feedback
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
Cannot reproduce.
Both PHP 5.2-CVS and PHP 6-CVS work just fine with Apache 1.x.
Previous Comments:
------------------------------------------------------------------------
[2007-02-02 15:22:59] sborrill at precedence dot co dot uk
Description:
------------
With PHP versions prior to 5.2.0 (e.g. 5.1.6), you could fopen() a file
in the current working directory (i.e. same as the script) even if a
parent directory only had +x permission and not +rx for the webserver.
With 5.2.0 (and today's 5.2 snapshot) you get "Warning: fopen(file)
[function.fopen]: failed to open stream: No such file or directory
[...]".
If it's of any relevance, with all versions, getcwd() returns FALSE on
NetBSD if a parent folder is not readable, but this does not affect
fopen().
This is affecting any user whose home area is mode 0711 when they run
php from their public_html folder (which is mode 0755).
Reproduce code:
---------------
Ensuring ownership is not same as web server process (e.g. in
public_html in user's home area):
mkdir one
mkdir one/two
chmod 711 one
chmod 755 one/two
echo "test" > one/two/testfile
one/two/index.php contains:
<?php
echo "cwd:".getcwd()."<br>";
$fp=fopen("testfile","r");
if($fp) fpassthru($fp);
?>
Stage one:
chmod 711 one
Stage two:
chmod 755 one
Expected result:
----------------
(stage one):
cwd:
test
(stage two)
cwd: /home/testuser/public_html
test
Actual result:
--------------
(stage 1):
cwd:
Warning: fopen(file) [function.fopen]: failed to open stream: No such
file or directory [...]
(stage two)
cwd: /home/testuser/public_html
test
------------------------------------------------------------------------
tony2001@php.net Guest
-
sborrill at precedence dot co dot uk #3
#40326 [Fbk->Opn]: Can't open file from cwd if parent folder not readable
ID: 40326
User updated by: sborrill at precedence dot co dot uk
Reported By: sborrill at precedence dot co dot uk
-Status: Feedback
+Status: Open
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
What OS? Are you sure you've checked file ownership? What do you get on
the getcwd() lines?
We are finding this is 100% reproducible on all our customers' servers
when they are using php in a UserDir.
I've checked the package definition and patches at:
[url]http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/lang/php5/[/url]
Nothing relevant has been altered between 5.1.6 and 5.2.0 in the
NetBSD pkg.
php.ini file remains the same throughout. We aren't using safe mode or
open_basedir. I looked at the CVS log for fopen_wrapper.c but didn't
spot anything relevant. I'm not familiar enough with PHP internals to
know where to add much debugging, but I'm happy to follow any
suggestions.
Previous Comments:
------------------------------------------------------------------------
[2007-02-02 18:44:36] [email]tony2001@php.net[/email]
Cannot reproduce.
Both PHP 5.2-CVS and PHP 6-CVS work just fine with Apache 1.x.
------------------------------------------------------------------------
sborrill at precedence dot co dot uk Guest
-
tony2001@php.net #4
#40326 [Opn->Fbk]: Can't open file from cwd if parent folder not readable
ID: 40326
Updated by: [email]tony2001@php.net[/email]
Reported By: sborrill at precedence dot co dot uk
-Status: Open
+Status: Feedback
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
>What OS?
Linux
>Are you sure you've checked file ownership?
#ls -ld /www
d--x--x--x 15 tony users 2864 Feb 5 12:36 /www
#ls -l /www/index.php
-rw-r--r-- 1 tony users 110 Feb 5 12:36 /www/index.php
Apache runs as user "wwwrun".
>What do you get on the getcwd() lines?
string(4) "/www"
Please try the latest snapshot from [url]http://snaps.php.net[/url] if you're
using some patches/adopted version.
Previous Comments:
------------------------------------------------------------------------
[2007-02-03 09:32:00] sborrill at precedence dot co dot uk
What OS? Are you sure you've checked file ownership? What do you get on
the getcwd() lines?
We are finding this is 100% reproducible on all our customers' servers
when they are using php in a UserDir.
I've checked the package definition and patches at:
[url]http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/lang/php5/[/url]
Nothing relevant has been altered between 5.1.6 and 5.2.0 in the
NetBSD pkg.
php.ini file remains the same throughout. We aren't using safe mode or
open_basedir. I looked at the CVS log for fopen_wrapper.c but didn't
spot anything relevant. I'm not familiar enough with PHP internals to
know where to add much debugging, but I'm happy to follow any
suggestions.
------------------------------------------------------------------------
tony2001@php.net Guest
-
sborrill at precedence dot co dot uk #5
#40326 [Fbk->Opn]: Can't open file from cwd if parent folder not readable
ID: 40326
User updated by: sborrill at precedence dot co dot uk
Reported By: sborrill at precedence dot co dot uk
-Status: Feedback
+Status: Open
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
OK, permissions are nearly the same (except in our case, it's the
parent of the www directory that is -r not the www itself, but that's
probably unimportant).
The getcwd() line shows a difference though. On NetBSD and other Unix
OSes (all except for Linux?) getcwd() returns FALSE as noted in
[url]http://bugs.php.net/bug.php?id=24185[/url]
Perhaps the reason it's working for you on Linux is because your
getcwd() _isn't_ returning FALSE and there's now an extra getcwd() call
in the fopen codepath. N.B. as in my original report, with PHP 5.1.6,
getcwd() returned FALSE, but fopen worked nonetheless.
Also, the patches to PHP in the NetBSD package are the same between
5.1.6 and 5.2.0 (or if they differ it's in an unrelated section). The
patches related to php.ini, configure, curl and imap/c-client only.
Everything else is stock:
[url]http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/lang/php5/patches/[/url]
Previous Comments:
------------------------------------------------------------------------
[2007-02-05 09:40:56] [email]tony2001@php.net[/email]
>What OS?
Linux
>Are you sure you've checked file ownership?
#ls -ld /www
d--x--x--x 15 tony users 2864 Feb 5 12:36 /www
#ls -l /www/index.php
-rw-r--r-- 1 tony users 110 Feb 5 12:36 /www/index.php
Apache runs as user "wwwrun".
>What do you get on the getcwd() lines?
string(4) "/www"
Please try the latest snapshot from [url]http://snaps.php.net[/url] if you're
using some patches/adopted version.
------------------------------------------------------------------------
sborrill at precedence dot co dot uk Guest
-
tony2001@php.net #6
#40326 [Opn->Fbk]: Can't open file from cwd if parent folder not readable
ID: 40326
Updated by: [email]tony2001@php.net[/email]
Reported By: sborrill at precedence dot co dot uk
-Status: Open
+Status: Feedback
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
Please try using this CVS snapshot:
[url]http://snaps.php.net/php5.2-latest.tar.gz[/url]
For Windows:
[url]http://snaps.php.net/win32/php5.2-win32-latest.zip[/url]
Previous Comments:
------------------------------------------------------------------------
[2007-02-05 13:45:38] sborrill at precedence dot co dot uk
OK, permissions are nearly the same (except in our case, it's the
parent of the www directory that is -r not the www itself, but that's
probably unimportant).
The getcwd() line shows a difference though. On NetBSD and other Unix
OSes (all except for Linux?) getcwd() returns FALSE as noted in
[url]http://bugs.php.net/bug.php?id=24185[/url]
Perhaps the reason it's working for you on Linux is because your
getcwd() _isn't_ returning FALSE and there's now an extra getcwd() call
in the fopen codepath. N.B. as in my original report, with PHP 5.1.6,
getcwd() returned FALSE, but fopen worked nonetheless.
Also, the patches to PHP in the NetBSD package are the same between
5.1.6 and 5.2.0 (or if they differ it's in an unrelated section). The
patches related to php.ini, configure, curl and imap/c-client only.
Everything else is stock:
[url]http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/lang/php5/patches/[/url]
------------------------------------------------------------------------
tony2001@php.net Guest
-
sborrill at precedence dot co dot uk #7
#40326 [Fbk->Opn]: Can't open file from cwd if parent folder not readable
ID: 40326
User updated by: sborrill at precedence dot co dot uk
Reported By: sborrill at precedence dot co dot uk
-Status: Feedback
+Status: Open
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
Yes, as per my original bug report, it is not fixed in the daily
snapshots. I've confirmed it in today's too.
I can recreate it with the cli php binary too (i.e. I don't have to
test it from Apache).
Previous Comments:
------------------------------------------------------------------------
[2007-02-05 13:51:27] [email]tony2001@php.net[/email]
Please try using this CVS snapshot:
[url]http://snaps.php.net/php5.2-latest.tar.gz[/url]
For Windows:
[url]http://snaps.php.net/win32/php5.2-win32-latest.zip[/url]
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
[url]http://bugs.php.net/40326[/url]
sborrill at precedence dot co dot uk Guest
-
sborrill at precedence dot co dot uk #8
#40326 [Opn]: Can't open file from cwd if parent folder not readable
ID: 40326
User updated by: sborrill at precedence dot co dot uk
Reported By: sborrill at precedence dot co dot uk
Status: Open
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
I've tracked this down to changes to virtual_file_ex() which is called
from expand_filepath(). expand_filepath() returns "/file" from "file"
with 5.2.0 (and later), but returns "file" with 5.1.6 and earlier. This
is down to changes between revisions 1.74.2.9 (v5.1.6) and 1.74.2.9.2.9
(v5.2.0) of TSRM/tsrm_virtual_cwd.c. I've not yet tracked it down
further.
Previous Comments:
------------------------------------------------------------------------
[2007-02-10 19:25:28] sborrill at precedence dot co dot uk
Yes, as per my original bug report, it is not fixed in the daily
snapshots. I've confirmed it in today's too.
I can recreate it with the cli php binary too (i.e. I don't have to
test it from Apache).
------------------------------------------------------------------------
sborrill at precedence dot co dot uk Guest
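The expand_filepath() difference reported in comment #8 above ("file" becoming "/file" once the cwd lookup fails), modelled as an added example that is not part of the thread and is not PHP source. The function names, the `cwd_lookup_fails` switch (used because getcwd() succeeds on Linux, as comment #4 shows) and the scratch file name are assumptions made for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Added illustration; all names here are hypothetical, not PHP source.
 * `cwd` is the getcwd() result, or NULL when the lookup failed, as the
 * thread reports for NetBSD when a parent directory is mode 0711. */
typedef int (*expander_fn)(const char *cwd, const char *rel,
                           char *out, size_t n);

/* Write "dir/rel" (or just "rel" when dir is NULL); -1 on truncation. */
static int join_path(char *out, size_t n, const char *dir, const char *rel)
{
    int r = dir ? snprintf(out, n, "%s/%s", dir, rel)
                : snprintf(out, n, "%s", rel);
    return (r >= 0 && (size_t)r < n) ? 0 : -1;
}

/* Result reported for 5.2.0: a failed cwd lookup acts as an empty
 * prefix, so "file" expands to "/file". */
int expand_naive(const char *cwd, const char *rel, char *out, size_t n)
{
    if (rel[0] == '/')
        return join_path(out, n, NULL, rel);
    return join_path(out, n, cwd ? cwd : "", rel);
}

/* Result reported for 5.1.6: with no usable cwd the relative path is
 * passed through unchanged and the kernel resolves it, which needs only
 * search (+x) permission on the parent directories. */
int expand_fallback(const char *cwd, const char *rel, char *out, size_t n)
{
    if (rel[0] == '/' || cwd == NULL)
        return join_path(out, n, NULL, rel);
    return join_path(out, n, cwd, rel);
}

/* Create a scratch directory, chdir into it, create `name`, then open
 * `name` through `expand`. Returns 0 on success, the errno from open()
 * on failure, or -1 if the scratch setup itself failed. */
int try_open(expander_fn expand, int cwd_lookup_fails, const char *name)
{
    char tmpl[] = "/tmp/cwd_demo_XXXXXX";
    char cwd[PATH_MAX], path[PATH_MAX];
    const char *cwd_arg = NULL;
    int fd, err = 0;

    if (mkdtemp(tmpl) == NULL || chdir(tmpl) != 0)
        return -1;
    fd = open(name, O_CREAT | O_EXCL | O_WRONLY, 0644);
    if (fd < 0)
        return -1;
    close(fd);

    /* Simulate the NetBSD result by withholding the cwd on request. */
    if (!cwd_lookup_fails && getcwd(cwd, sizeof cwd) != NULL)
        cwd_arg = cwd;

    if (expand(cwd_arg, name, path, sizeof path) != 0) {
        err = ENAMETOOLONG;
    } else {
        fd = open(path, O_RDONLY);
        if (fd < 0)
            err = errno;   /* ENOENT when "/name" is looked up at the root */
        else
            close(fd);
    }

    unlink(name);          /* still inside the scratch directory */
    if (chdir("/") == 0)
        rmdir(tmpl);
    return err;
}

int main(void)
{
    const char *name = "cwd_demo_testfile";   /* constructed sample name */

    printf("naive,    cwd lookup fails: %s\n",
           strerror(try_open(expand_naive, 1, name)));
    printf("fallback, cwd lookup fails: %s\n",
           strerror(try_open(expand_fallback, 1, name)));
    printf("naive,    cwd lookup works: %s\n",
           strerror(try_open(expand_naive, 0, name)));
    return 0;
}
```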
-
tony2001@php.net #9
#40326 [Opn->Fbk]: Can't open file from cwd if parent folder not readable
ID: 40326
Updated by: [email]tony2001@php.net[/email]
Reported By: sborrill at precedence dot co dot uk
-Status: Open
+Status: Feedback
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
Please provide an account on this machine.
Previous Comments:
------------------------------------------------------------------------
[2007-02-10 21:39:07] sborrill at precedence dot co dot uk
I've tracked this down to changes to virtual_file_ex() which is called
from expand_filepath(). expand_filepath() returns "/file" from "file"
with 5.2.0 (and later), but returns "file" with 5.1.6 and earlier. This
is down to changes between revisions 1.74.2.9 (v5.1.6) and 1.74.2.9.2.9
(v5.2.0) of TSRM/tsrm_virtual_cwd.c. I've not yet tracked it down
further.
------------------------------------------------------------------------
[2007-02-10 19:25:28] sborrill at precedence dot co dot uk
Yes, as per my original bug report, it is not fixed in the daily
snapshots. I've confirmed it today's too.
I can recreate it with the cli php binary too (i.e. I don't have to
test it from Apache).
------------------------------------------------------------------------
[2007-02-05 13:51:27] [email]tony2001@php.net[/email]
Please try using this CVS snapshot:
[url]http://snaps.php.net/php5.2-latest.tar.gz[/url]
For Windows:
[url]http://snaps.php.net/win32/php5.2-win32-latest.zip[/url]
------------------------------------------------------------------------
[2007-02-05 13:45:38] sborrill at precedence dot co dot uk
OK, permissions are nearly the same (except in our case, it's the
parent of the www directory that is -r not the www itself, but that's
probably unimportant).
The getcwd() line shows a difference though. On NetBSD and other Unix
OSes (all except for Linux?) getcwd() returns FALSE as noted in
[url]http://bugs.php.net/bug.php?id=24185[/url]
Perhaps the reason it's working for you on Linux is because your
getcwd() _isn't_ returning FALSE and there's now an extra getcwd() call
in the fopen codepath. N.B. as in my original report, with PHP 5.1.6,
getcwd() returned FALSE, but fopen worked nonetheless.
Also, the patches to PHP in the NetBSD package are the same between
5.1.6 and 5.2.0 (or if they differ it's in an unrelated section). The
patches relate to php.ini, configure, curl and imap/c-client only.
Everything else is stock:
http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/lang/php5/patches/
------------------------------------------------------------------------
[2007-02-05 09:40:56] tony2001@php.net
>What OS?
Linux
>Are you sure you've checked file ownership?
#ls -ld /www
d--x--x--x 15 tony users 2864 Feb 5 12:36 /www
#ls -l /www/index.php
-rw-r--r-- 1 tony users 110 Feb 5 12:36 /www/index.php
Apache runs as user "wwwrun".
>What do you get on the getcwd() lines?
string(4) "/www"
Please try the latest snapshot from http://snaps.php.net if you're
using some patches/adopted version.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/40326
--
Edit this bug report at http://bugs.php.net/?id=40326&edit=1
tony2001@php.net Guest
-
tlaramie at superb dot net #10
#40326 [Com]: Can't open file from cwd if parent folder not readable
ID: 40326
Comment by: tlaramie at superb dot net
Reported By: sborrill at precedence dot co dot uk
Status: No Feedback
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
I can replicate the issue verbatim on PHP 5.2.1 on Solaris 9 (SPARC).
Login information for testing by one of the developers is available per
their request.
Previous Comments:
------------------------------------------------------------------------
[2007-02-20 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
tlaramie at superb dot net Guest
-
sborrill at precedence dot co dot uk #11
#40326 [NoF->Opn]: Can't open file from cwd if parent folder not readable
ID: 40326
User updated by: sborrill at precedence dot co dot uk
Reported By: sborrill at precedence dot co dot uk
-Status: No Feedback
+Status: Open
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
What sort of account? FTP/ssh/something else? Alternatively, big thanks
to tlaramie at superb dot net for offering a suitable account.
The error was introduced in revision 1.74.2.9.2.4 and is around line
584 for TSRM/tsrm_virtual_cwd.c in the loop that begins:
ptr = tsrm_strtok_r(path_copy, TOKENIZER_STRING, &tok);
This loop is not run in 1.74.2.9.2.3 if the cwdlen is 0. With
1.74.2.9.2.4 and later it is always run and so prepends a / on the file
name, i.e. the actual file that is opened with fopen("file","r") is
"/file". This strikes me as a potential security problem too.
sborrill at precedence dot co dot uk Guest
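The behaviour described in the post above, as an added example that is not part of the thread and is not PHP's source: a simplified model of a path expander whose component loop either is skipped or always runs when the cwd length is 0. `model_expand`, `escaped_to_root` and the `guard_empty_cwd` flag are hypothetical names, and the model assumes a cwd without a trailing slash.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model, not PHP source. guard_empty_cwd = 1 models the older
 * behaviour in the report (loop skipped when the cwd length is 0); 0 models
 * the newer one (loop always runs). cwd is "" when getcwd() failed. */
static int model_expand(const char *cwd, const char *path, int guard_empty_cwd,
                        char *out, size_t outlen)
{
    const char *p = path;
    size_t used, len;
    if (outlen < 2 || strlen(path) >= outlen || strlen(cwd) >= outlen)
        return -1;
    if (path[0] != '/' && cwd[0] == '\0' && guard_empty_cwd) {
        strcpy(out, path);              /* cwd unknown: keep the name relative */
        return 0;
    }
    strcpy(out, path[0] == '/' ? "" : cwd);   /* anchor: root or cwd */
    used = strlen(out);
    while (*p) {
        p += strspn(p, "/");            /* skip separators */
        len = strcspn(p, "/");          /* length of the next component */
        if (len == 0) break;
        if (used + 1 + len >= outlen) return -1;
        out[used++] = '/';              /* '/' is prepended to every component */
        memcpy(out + used, p, len);
        used += len;
        out[used] = '\0';
        p += len;
    }
    if (used == 0) strcpy(out, "/");
    return 0;
}

/* Check a caller can apply: a relative name must not come back absolute when
 * there was no cwd to anchor it. Returns 1 when that happened. */
static int escaped_to_root(const char *cwd, const char *in, const char *out)
{
    return in[0] != '/' && cwd[0] == '\0' && out[0] == '/';
}

int main(void)
{
    char a[64], b[64];
    model_expand("", "testfile", 0, a, sizeof a);
    model_expand("", "testfile", 1, b, sizeof b);
    printf("always-run: %s (escaped=%d)  guarded: %s\n",
           a, escaped_to_root("", "testfile", a), b);
    return 0;
}
```

With an empty cwd the always-run variant turns `testfile` into `/testfile`, so the open targets the filesystem root instead of the script's directory; the guarded variant leaves the name relative for the kernel to resolve.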
-
lthomas at cs dot umn dot edu #12
#40326 [Com]: Can't open file from cwd if parent folder not readable
ID: 40326
Comment by: lthomas at cs dot umn dot edu
Reported By: sborrill at precedence dot co dot uk
Status: Open
Bug Type: Streams related
Operating System: NetBSD 3.1_STABLE
PHP Version: 5.2.0
New Comment:
"[3 Feb 9:32am UTC] sborrill at precedence dot co dot uk" suggested
that this is 100% reproducible when using PHP within UserDir. I've
encountered the bug both within and without UserDir.
With UserDir:
Apache 2.2.4 & PHP 5.2.1 in Solaris 8
Without UserDir:
Apache 2.0.59 & PHP 5.2.1 in Solaris 8
lthomas at cs dot umn dot edu Guest




