Description of problem:
"open_basedir" not working as expected. I have in httpd.conf (virtual host)

    <Directory "/">
        php_admin_value open_basedir "/web/somehost/"
    </Directory>

And anyway I can see the contents f.ex. "/etc/passwd" or "/etc/hosts" when using php-script.

Version-Release number of selected component (if applicable):
Linux mymachine 2.6.15-1.1831_FC4smp #1 SMP Tue Feb 7 13:48:31 EST 2006 i686 i686 i386 GNU/Linux
PHP 5.0.4 (cli) (built: Nov 8 2005 08:27:12)
Copyright (c) 1997-2004 The PHP Group
Zend Engine v2.0.4-dev, Copyright (c) 1998-2004 Zend Technologies

How reproducible:
Always.

Steps to Reproduce:
Make a php-script f.ex. "test.php"

    <?php
    echo "1. " . `whoami`;
    echo "<br>";
    echo "2. " . `php --version`;
    echo "<br>";
    echo "3. " . "open_basedir : " . ini_get ("open_basedir") . "<br>";
    echo "<br>";
    echo "4. " . `ls -la /etc/passwd`;
    echo "<br>";
    echo "5. " . `ls /`;
    echo "<br><br>";
    echo "6. ";
    passthru('cat /etc/hosts');
    echo "<br><br>";
    echo "7. " . `cat /etc/hosts`;
    echo "<br><br>";

    readfile('/etc/hosts');
    ?>

Actual results:
1. apache
2. PHP 5.0.4 (cli) (built: Nov 8 2005 08:27:12) Copyright (c) 1997-2004 The PHP Group Zend Engine v2.0.4-dev, Copyright (c) 1998-2004 Zend Technologies
3. open_basedir : /web/somehost/
4. -rw-r--r-- 1 root root 4439 Dec 9 09:15 /etc/passwd
5. bin boot dev etc home lib lost+found media misc mnt net opt proc root sbin selinux srv sys tftpboot tmp usr var web
6. # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost
7. # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost

Warning: readfile() [function.readfile]: open_basedir restriction in effect. File(/etc/hosts) is not within the allowed path(s): (/web/somehost/) in /web/somehost/public/htdocs/test.php on line 18

Warning: readfile(/etc/hosts) [function.readfile]: failed to open stream: Operation not permitted in /web/somehost/public/htdocs/test.php on line 18

Expected results:
I would expect that steps 5, 6 and 7 do not show information. Step 8. (readfile) works as expected (does not show the contents of the file).

Additional info:
Downgrading open_basedir issue from security severity (see e.g. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1).
Here is the whole virtualhost configuration section from httpd.conf (this is not the only virtualhost in the httpd.conf).

    <VirtualHost AAA.BBB.CCC.DDD>
        SuexecUserGroup somehost somehost
        ServerName www.somehost.fi
        ServerAlias somehost.fi
        ServerAdmin webmaster
        <Directory "/">
            php_admin_value open_basedir "/web/somehost/"
            php_admin_flag display_errors on
        </Directory>
        DocumentRoot "/web/somehost/public/htdocs"
        <Directory "/web/somehost/public/htdocs">
            AllowOverride FileInfo AuthConfig
            Order allow,deny
            Allow from all
        </Directory>
        ScriptAlias /cgi-bin/ "/web/somehost/public/cgi-bin/"
        <Directory "/web/somehost/public/cgi-bin">
            AllowOverride None
            Order allow,deny
            Allow from all
        </Directory>
        <Directory "/web/somehost/public/htdocs/php-cgi/">
            Options +FollowSymLinks
        </Directory>
        Customlog /web/somehost/logs/access_log combined
        Errorlog "/web/somehost/logs/error_log"
    </VirtualHost>
And to be more accurate... The actual open_basedir has dot characters in it. So, actually the syntax is: php_admin_value open_basedir "/web/www.somehost.com/" If this happens to mean anything... But anyway...
Hello, is there anybody out there? I am still waiting for ...
This report targets the FC3 or FC4 products, which have now been EOL'd. Could you please check that it still applies to a current Fedora release, and either update the target product or close it? Thanks.
Fedora Core 4 is no longer maintained. Setting status to "INSUFFICIENT_DATA". If you can reproduce this bug in the current Fedora release, please reopen this bug and assign it to the corresponding Fedora version.
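
The report's output shows readfile() stopped by open_basedir while backticks and passthru() still ran cat and ls: open_basedir is checked by PHP's own file functions, not by the external processes those calls start. The following is an added example, not part of the bug report or of PHP itself: a small audit (hypothetical function exec_gaps, constructed sample inputs, PHP 7.4+ syntax) that lists the process-spawning functions still callable while open_basedir is set.

```php
<?php
// Added example: check whether open_basedir is backed by a block on
// process-spawning functions. Not code from the bug report.

// Functions that start an external process; the backtick operator is shell_exec().
const EXEC_FUNCTIONS = ['exec', 'shell_exec', 'system', 'passthru',
                        'popen', 'proc_open', 'pcntl_exec'];

/**
 * @param string   $openBasedir      value of ini_get('open_basedir')
 * @param string   $disableFunctions value of ini_get('disable_functions')
 * @param callable $exists           function_exists-style probe
 * @return string[] exec functions still callable while open_basedir is set
 */
function exec_gaps(string $openBasedir, string $disableFunctions, callable $exists): array
{
    if ($openBasedir === '') {
        return []; // no restriction configured, nothing to audit
    }
    // disable_functions is a comma-separated list; tolerate spaces and empty items
    $disabled = array_filter(array_map('trim', explode(',', $disableFunctions)));
    $gaps = [];
    foreach (EXEC_FUNCTIONS as $fn) {
        if (!in_array($fn, $disabled, true) && $exists($fn)) {
            $gaps[] = $fn;
        }
    }
    return $gaps;
}

// Constructed sample: the configuration from the report (open_basedir set, nothing disabled).
$report = exec_gaps('/web/somehost/', '', fn($f) => true);
echo "report config: " . implode(', ', $report) . PHP_EOL;

// Constructed sample: same open_basedir with the exec functions disabled in php.ini.
$hardened = exec_gaps('/web/somehost/', implode(',', EXEC_FUNCTIONS), fn($f) => true);
echo "hardened config: " . (count($hardened) ? implode(', ', $hardened) : 'none') . PHP_EOL;

// Live check of the running SAPI.
$live = exec_gaps((string) ini_get('open_basedir'),
                  (string) ini_get('disable_functions'), 'function_exists');
echo "this server: " . (count($live) ? implode(', ', $live) : 'none') . PHP_EOL;
```

disable_functions can only be set in php.ini, so unlike the per-virtual-host php_admin_value open_basedir line above it applies to every site served by that PHP instance.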